The vulnerability of the error_resilience.c, h263dec.c, and mpeg4videodec.c components of the FFmpeg multimedia library, related to the insufficient use of the assert() function, allows a malicious actor to cause a system failure.

The vulnerability of the errorresilience.c, h263dec.c, and mpeg4videodec.c components of the FFmpeg multimedia library is related to the insufficient use of the assert function. Exploiting this vulnerability could allow a malicious actor to cause a service failure by using a specially created AVI...

Memory corruption

A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decodevolheader of the file libavcodec/mpeg4videodec.c. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix...

openSUSE Security Update : ffmpeg-4 (openSUSE-2020-24)

This update for ffmpeg-4 fixes the following issues : ffmpeg-4 was updated to version 4.0.5, fixes boo1133153 - CVE-2019-11339: The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 allowed remote attackers to cause a denial of service out-of-array access or possibly have...

Denial Of Service (DoS)

ffmpeg is vulnerable to denial of service DoS attacks. A malicious user can convert an AVI file to a MP4 file to cause a null pointer dereference through the ffmpeg4decodepictureheader method in mpeg4videodec.c, crashing the application...