16 matches found
MiracleLinux 4 : firefox-38.2.0-4.0.1.AXS4 (AXSA:2015-442:07)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2015-442:07 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. With this update, following issues are...
Linux Distros Unpatched Vulnerability : CVE-2018-5253
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The AP4FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 has an Infinite loop via a crafted MP4 file that triggers size mishandling. CVE-2018-5253 Note...
Linux Distros Unpatched Vulnerability : CVE-2021-30199
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In filters/reframelatm.c in GPAC 1.0.1 there is a Null Pointer Dereference, when gffilterpckgetdata is called. The first arg pck may be null with a crafted mp4...
nginx: specially crafted MP4 file may cause denial of service
A flaw was found in the ngxhttpmp4module module of Nginx. Processing a specially crafted MP4 file can trigger a buffer over-read and cause the nginx process to terminate, resulting in a denial of service...
Bento4 安全漏洞
Bento4 is an open source C++ library for reading and writing MP4 files from Axiomatic Systems. A security vulnerability exists in Bento4 version v1.6.0-641, which originates from an information leak in Ap4DescriptorFactory.cpp...
SUSE CVE-2015-4480
Integer overflow in the stagefright::SampleTable::isValid function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via crafted MPEG-4 video data with H.264 encoding...
SUSE CVE-2015-4493
Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via an invalid size field in an esds chunk in MPEG-4 video data, a related issue to...
Bento4 缓冲区错误漏洞
Bento4 is an open source C++ library for reading and writing MP4 files. A security vulnerability exists in Bento4 that stems from the presence of a heap-based buffer overflow problem...
CVE-2021-36937
Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability...
The vulnerability of the mpeg4decode_studio_block() function in the FFmpeg multimedia library allows a attacker to cause a service failure.
The vulnerability of the mpeg4decodestudioblock function in the FFmpeg multimedia library relates to reading data beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service failures by using specially created MPEG-4 video files...
nginx: Denial of service and memory disclosure via mp4 module
An instance of missing input sanitization was found in the mp4 module for nginx. A local attacker could create a specially crafted video file that, when streamed by the server, would cause a denial of service server crash or hang and, possibly, information disclosure...
UBUNTU-CVE-2015-7222
Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service incorrect memory allocation and application crash via an MP4 video...
Mozilla Firefox MPEG4 Video Processing Buffer Overflow Vulnerability (CNVD-2015-05454)
Mozilla Firefox is an open source WEB browser. A buffer overflow vulnerability exists in Mozilla Firefox's handling of MPEG4 video, which allows remote attackers to construct a malicious web page and trick the user into parsing it, which could crash the application or execute arbitrary code...
Mozilla Firefox MPEG4 Video Processing Buffer Overflow Vulnerability (CNVD-2015-05453)
Mozilla Firefox is an open source WEB browser. An integer overflow vulnerability exists in Mozilla Firefox's handling of MPEG4 video, which allows remote attackers to construct a malicious web page and trick users into parsing it, which could crash the application or execute arbitrary code...
Mozilla: Overflow issues in libstagefright (MFSA 2015-83)
Multiple integer overflows in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to execute arbitrary code via a crafted saio chunk in MPEG-4 video data...
PT-2009-3541 · Apple +1 · Ios +1
Name of the Vulnerable Software and Affected Versions: Apple iPhone OS versions 1.0 through 2.2.1 Apple iPhone OS for iPod touch versions 1.1 through 2.2.1 Description: The issue is related to the MPEG-4 video codec, which allows remote attackers to cause a denial of service, resulting in a devic...