CVE-2018-13300

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...

Information disclosure

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...

CVE-2018-13300

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...

CVE-2018-13300

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...

CVE-2018-13302

In FFmpeg 4.0.1, improper handling of frame types other than EAC3FRAMETYPEINDEPENDENT that have multiple independent substreams in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to a denial of service or...

CVE-2018-13302

In FFmpeg 4.0.1, improper handling of frame types other than EAC3FRAMETYPEINDEPENDENT that have multiple independent substreams in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to a denial of service or...

UBUNTU-CVE-2018-7751

The svgprobe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service Infinite Loop via a crafted XML file...

CVE-2018-7751

The svgprobe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service Infinite Loop via a crafted XML file...

CVE-2018-7751

The svgprobe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service Infinite Loop via a crafted XML file...

CVE-2018-7751

The svgprobe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service Infinite Loop via a crafted XML file...

CVE-2018-7751

The svgprobe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service Infinite Loop via a crafted XML file...

Ffmpeg Denial of Service Vulnerability (CNVD-2018-08543)

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'svgprobe' function in the libavformat/img2dec.c file in FFmpeg 3.4.2 and earlier versions. A remote attacker can exploit this vulnerability to cause ...

Libav 'mpc8_probe' function heap out-of-bounds read vulnerability

Libav formerly FFmpeg is Libav team's set of cross-platform audio and video can be recorded, converted to a solution, which includes a libavcodec encoder. A security vulnerability exists in the 'mpc8probe' function of the libavformat/mpc8.c file in Libav version 12.2. A remote attacker can exploi...

CVE-2017-18245

The mpc8probe function in libavformat/mpc8.c in Libav 12.2 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted audio file...

CVE-2017-18245

CVE-2017-18245 affects Libav 12.2 in libavformat/mpc8.c (mpc8_probe): remote attackers can trigger a heap-based buffer over-read via a crafted audio file, causing a denial of service (notably on 32-bit systems per the Debian advisory). A remediation is to upgrade Libav/libavformat to a fixed pack...

CVE-2018-5684

CVE-2018-5684 affects Libav up to version 12.2. The vulnerability is an invalid memcpy call in the function ff_mov_read_stsd_entries within libavformat/mov.c. A remote attacker can cause a denial of service (segmentation fault) and program failure by supplying a crafted AVI file. No patch/version...

FFmpeg 'mov_read_default' function integer overflow vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. An integer overflow vulnerability exists in the 'movreaddefault' function in the libavformat/mov.c file in FFmpeg versions prior to 2.4.6. A remote attacker can exploit this vulnerability t...

Integer overflow

Integer underflow in the movreaddefault function in libavformat/mov.c in FFmpeg before 2.4.6 allows remote attackers to obtain sensitive information from heap and/or stack memory via a crafted MP4 file...

DEBIAN-CVE-2015-1208

Integer underflow in the movreaddefault function in libavformat/mov.c in FFmpeg before 2.4.6 allows remote attackers to obtain sensitive information from heap and/or stack memory via a crafted MP4 file...

CVE-2015-1208

CVE-2015-1208 concerns FFmpeg’s mov_read_default in libavformat/mov.c, where an integer underflow exists in versions before 2.4.6. The vulnerability allows a crafted MP4 file to cause information disclosure by reading sensitive data from heap/stack memory. Several sources (NVD entry, OSS/OSVDB-st...