CVE-2019-12730

aareadheader in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables...

Debian DLA-1809-1 : libav security update

Two more security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. CVE-2018-15822 The flvwritepacket function in libavformat/flvenc.c in libav did not check for an empty audio packet, leading to an assertion failure. CVE-2019-11338 libavcodec/hevcdec.c...

SUSE SLED15 / SLES15 Security Update : ffmpeg (SUSE-SU-2019:1299-1)

This update for ffmpeg fixes the following issues : Security issue fixed : CVE-2018-14395: Fixed a divide-by-zero error in libavformat/movenc.c that allowed attackers to cause a DoS bsc1101889 CVE-2018-14394: Fixed a divide-by-zero error in libavformat/movenc.c that allowed attackers to cause a D...

Updated live, ffmpeg, mplayer, and vlc packages fix security vulnerabilities

A bug in the server implementation of RTSP-over-HTTP in live could allow a denial-of-service attack. A bug in the server implementation of RTSP-over-HTTP could allow a buffer overflow, which could result in the execution of arbitrary code when parsing a malformed RTSP stream CVE-2018-4013. The...

Design/Logic Flaw

The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure...

CVE-2018-15822

The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure...

CVE-2018-15822

The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure...

CVE-2018-15822

CVE-2018-15822 affects FFmpeg/libav through 2.8 where flv_write_packet in libavformat/flvenc.c does not check for an empty audio packet, triggering an assertion failure. Multiple connected advisories (Debian DLA-1809, DSA-4449; USN-3967-1; Cloud Foundry/Ubuntu advisories) reference this CVE along...

CVE-2018-14394

libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service application crash caused by a divide-by-zero error with a user crafted Waveform audio file...

CVE-2018-14394

libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service application crash caused by a divide-by-zero error with a user crafted Waveform audio file...

CVE-2018-14395

libavformat/movenc.c in FFmpeg 3.2 and 4.0.2 allows attackers to cause a denial of service application crash caused by a divide-by-zero error with a user crafted audio file when converting to the MOV audio format...

Format string

libavformat/movenc.c in FFmpeg 3.2 and 4.0.2 allows attackers to cause a denial of service application crash caused by a divide-by-zero error with a user crafted audio file when converting to the MOV audio format...

Design/Logic Flaw

libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service application crash caused by a divide-by-zero error with a user crafted Waveform audio file...

CVE-2018-14394

libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service application crash caused by a divide-by-zero error with a user crafted Waveform audio file...

CVE-2018-14394

libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service application crash caused by a divide-by-zero error with a user crafted Waveform audio file...

CVE-2018-14395

CVE-2018-14395 affects FFmpeg 3.2 and 4.0.2, where in libavformat/movenc.c a crafted audio file can trigger a divide-by-zero, causing a denial of service (application crash) when converting to MOV audio. Connected advisories confirm fixes in FFmpeg updates (e.g., SUSE SUSE-SU-2019:1299-1/2 and De...

CVE-2018-14395

libavformat/movenc.c in FFmpeg 3.2 and 4.0.2 allows attackers to cause a denial of service application crash caused by a divide-by-zero error with a user crafted audio file when converting to the MOV audio format...

CVE-2018-14394

CVE-2018-14394 affects FFmpeg prior to 4.0.2 through the libavformat/movenc.c implementation, where a divide-by-zero in the movenc code path can crash the application when processing a crafted Waveform audio file. This is a DoS vulnerability with potential for an application crash (availability i...

Ffmpeg Denial of Service Vulnerability (CNVD-2018-13660)

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the libavformat/movenc.c file in FFmpeg versions prior to 4.0.2. The vulnerability can be exploited by an attacker to cause a denial of service applicatio...

FFmpeg 'handle_eac3' function out-of-bounds access vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'handleeac3' function in the libavformat/movenc.c file in FFmpeg version 4.0.1. The vulnerability can be exploited to cause a denial of service array...