367 matches found
CVE-2012-2789
CVE-2012-2789 affects FFmpeg (before 0.11) and Libav (0.7.x before 0.7.7; 0.8.x before 0.8.4) due to an unspecified vulnerability in avi_read_packet() in libavformat/avidec.c related to a large number of vector coded coefficients (num_vec_coeffs). The advisory provides no explicit impact vector b...
Integer overflow
Integer underflow in the asfrtpparsepacket function in libavformat/rtpdecasf.c in FFmpeg before 0.8.3 allows remote attackers to execute arbitrary code via a crafted ASF packet...
CVE-2011-4031
Integer underflow in the asfrtpparsepacket function in libavformat/rtpdecasf.c in FFmpeg before 0.8.3 allows remote attackers to execute arbitrary code via a crafted ASF packet...
CVE-2011-4031
CVE-2011-4031 affects FFmpeg/libavformat: an integer underflow in asfrtp_parse_packet (rtpdec_asf.c) allows remote code execution via a crafted ASF packet. Impacted software is FFmpeg before 0.8.3; the vulnerability is fixed in 0.8.3. Related advisories (Ubuntu USN, Red Hat, NVD) confirm the issu...
CVE-2011-4031
Integer underflow in the asfrtpparsepacket function in libavformat/rtpdecasf.c in FFmpeg before 0.8.3 allows remote attackers to execute arbitrary code via a crafted ASF packet...
CVE-2011-2161
The apereadheader function in ape.c in libavformat in FFmpeg before 0.5.4, as used in MPlayer, VideoLAN VLC media player, and other products, allows remote attackers to cause a denial of service application crash via an APE aka Monkey's Audio file that contains a header but no frames...
DEBIAN-CVE-2011-2161
The apereadheader function in ape.c in libavformat in FFmpeg before 0.5.4, as used in MPlayer, VideoLAN VLC media player, and other products, allows remote attackers to cause a denial of service application crash via an APE aka Monkey's Audio file that contains a header but no frames...
CVE-2011-2161
CVE-2011-2161 affects FFmpeg’s libavformat ape_read_header in ape.c, with the vulnerability present in FFmpeg before 0.5.4. The flaw allows a remote attacker to cause a denial of service (application crash) by processing an APE/Monkey’s Audio file that contains a header but no frames, and is used...
CVE-2011-2161
The apereadheader function in ape.c in libavformat in FFmpeg before 0.5.4, as used in MPlayer, VideoLAN VLC media player, and other products, allows remote attackers to cause a denial of service application crash via an APE aka Monkey's Audio file that contains a header but no frames...
FreeBSD : ffmpeg -- 4xm processing memory corruption vulnerability (6733e1bf-125f-11de-a964-0030843d3802)
Secunia reports : Tobias Klein has reported a vulnerability in FFmpeg, which potentially can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to a signedness error within the 'fourxmreadheader' function in libavformat/4xm.c. This can...
CVE-2009-0385
Summary (CVE-2009-0385): FFmpeg’s fourxm demuxer contains an integer signedness error in libavformat/4xm.c (function fourxm_read_header). Before revision 16846, this allows a remote attacker to craft a malformed 4X movie file with a large current_track value, triggering a NULL pointer dereference...
CVE-2009-0385
Integer signedness error in the fourxmreadheader function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large currenttrack value, which triggers a NULL pointer dereference...
[TKADV2009-004] FFmpeg Type Conversion Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory: FFmpeg Type Conversion Vulnerability Advisory ID: TKADV2009-004 Revision: 1.0 Release Date: 2009/01/28 Last Modified: 2009/01/28 Date Reported: 2009/01/25 Author: Tobias Klein tk at trapkit.de Affected Software: FFmpeg SVN trunk revision 168...
ffmpeg -- 4xm processing memory corruption vulnerability
Secunia reports: Tobias Klein has reported a vulnerability in FFmpeg, which potentially can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to a signedness error within the "fourxmreadheader" function in libavformat/4xm.c. This can ...
GLSA-200901-07 : MPlayer: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200901-07 MPlayer: Multiple vulnerabilities Multiple vulnerabilities have been reported in MPlayer: A stack-based buffer overflow was found in the strreadpacket function in libavformat/psxstr.c when processing crafted STR files th...
DEBIAN-CVE-2008-4866
Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 before r14715, as used by MPlayer, allow context-dependent attackers to have an unknown impact via vectors related to execution of DTS generation code with a delay greater than MAXREORDERDELAY...
CVE-2008-4866
Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 before r14715, as used by MPlayer, allow context-dependent attackers to have an unknown impact via vectors related to execution of DTS generation code with a delay greater than MAXREORDERDELAY...
Buffer overflow
Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 before r14715, as used by MPlayer, allow context-dependent attackers to have an unknown impact via vectors related to execution of DTS generation code with a delay greater than MAXREORDERDELAY...
CVE-2008-4866
Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 before r14715, as used by MPlayer, allow context-dependent attackers to have an unknown impact via vectors related to execution of DTS generation code with a delay greater than MAXREORDERDELAY...
CVE-2008-4866
CVE-2008-4866 concerns FFmpeg 0.4.9 (before r14715) via libavformat/utils.c, where multiple buffer overflows could be triggered in the DTS generation path if a delay exceeds MAX_REORDER_DELAY. The FFmpeg component is used by MPlayer, so a context-dependent attacker could potentially execute arbit...