Denial Of Service (DoS)

ffmpeg is vulnerable to denial of service DoS. The vulnerability exists as an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to...

Denial Of Service (DoS)

ffmpeg is vulnerable to denial of service DoS. The vulnerability exists as libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service application crash caused by a divide-by-zero error with a user crafted Waveform audio file...

Denial Of Service (DoS)

ffmpeg is vulnerable to denial of service DoS. The vulnerability exists as the ffamfgetfieldvalue function in libavformat/rtmppkt.c in FFmpeg 3.3.2 allows remote RTMP servers to cause a denial of service Segmentation Violation and application crash via a crafted stream...

Arbitrary Code Execution

ffmpeg is vulnerable to arbitrary code execution. Mishandling of empty sprop-parameter-sets values in the sdpparsefmtpconfigh264 function in libavformat/rtpdech264.c leads to heap buffer overflow and allows a remote attacker to cause a denial of service and execute arbitrary code a malicious sdp...

The vulnerability of the libavformat library in the Ffmpeg multimedia environment allows attackers to compromise data integrity, gain unauthorized access to protected information, and cause service failures.

The vulnerability of the libavformat library in the Ffmpeg multimedia environment is related to the lack of checking the return value of the sscanf function. This can lead to the use of uninitialized variables. Exploiting this vulnerability could allow a malicious actor to compromise data...

SUSE SLED15 / SLES15 Security Update : ffmpeg (SUSE-SU-2019:1299-2)

This update for ffmpeg fixes the following issues : Security issue fixed : CVE-2018-14395: Fixed a divide-by-zero error in libavformat/movenc.c that allowed attackers to cause a DoS bsc1101889 CVE-2018-14394: Fixed a divide-by-zero error in libavformat/movenc.c that allowed attackers to cause a D...

Libav Resource Management Error Vulnerability

Libav is Libav team's set of cross-platform audio and video can be recorded, converted solution, which includes a libavcodec encoder. A resource management error vulnerability exists in the 'mpc8readheader' function of the libavformat/mpc8.c file in Libav version 12.3, which can be exploited to...

UBUNTU-CVE-2019-14371

An issue was discovered in Libav 12.3. There is an infinite loop in the function movprobe in the file libavformat/mov.c, related to offset and tag...

CVE-2019-13390

In FFmpeg 4.1.3, there is a division by zero at adxwritetrailer in libavformat/rawenc.c...

CVE-2019-13390

In FFmpeg 4.1.3, there is a division by zero at adxwritetrailer in libavformat/rawenc.c...

Design/Logic Flaw

In FFmpeg 4.1.3, there is a division by zero at adxwritetrailer in libavformat/rawenc.c...

UBUNTU-CVE-2019-13390

In FFmpeg 4.1.3, there is a division by zero at adxwritetrailer in libavformat/rawenc.c...

CVE-2019-13390

In FFmpeg 4.1.3, there is a division by zero at adxwritetrailer in libavformat/rawenc.c...

CVE-2019-13390

CVE-2019-13390 affects FFmpeg 4.1.3, where a division by zero occurs in adx_write_trailer (libavformat/rawenc.c). The connected advisories confirm this exact flaw (CVE-2019-13390) and tie it to FFmpeg’s raw muxer handling. Reported impact is exposure to denial of service or crash scenarios via cr...

CVE-2019-13390

In FFmpeg 4.1.3, there is a division by zero at adxwritetrailer in libavformat/rawenc.c...

CVE-2019-13390

In FFmpeg 4.1.3, there is a division by zero at adxwritetrailer in libavformat/rawenc.c...

PT-2019-5777 · FFmpeg +4 · Ffmpeg +4

Name of the Vulnerable Software and Affected Versions: FFmpeg version 4.1.3 Description: The issue is related to a division by zero error in the adx write trailer function of the libavformat library in the FFmpeg multimedia environment. This error can be exploited by a remote attacker to cause a...

UBUNTU-CVE-2019-12730

aareadheader in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables...

CVE-2019-12730

aareadheader in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables...

CVE-2019-12730

CVE-2019-12730 affects FFmpeg: aa_read_header in libavformat/aadec.c may use uninitialized variables because sscanf failure isn’t checked. Affected releases are FFmpeg before 3.2.14 and 4.x before 4.1.4. This is fixed in FFmpeg 3.2.14 and 4.1.4 (per multiple advisories and official commits). Reme...