346 matches found
Debian: Security Advisory (DSA-4099-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 4049-1] ffmpeg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4049-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 27, 2017 https://www.debian.org/security/faq -...
FFmpeg Buffer Out-of-Bounds Read Vulnerability
FFmpeg is a set of open source computer programs that can be used to record, convert digital audio and video to streams under the LGPL or GPL license. A buffer out-of-bounds read vulnerability exists in the readheader function in libavcodec/ffv1dec.c in 3.3.4 and earlier versions of Ffmpeg. An...
Debian DSA-3996-1 : ffmpeg - security update
Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed Real, MV, RL2, ASF, Apple HLS, Phantom Cine, MXF, NSV, MOV or RTP H.264 files/streams are processed. %NASLMINLEVEL...
[SECURITY] [DSA 3996-1] ffmpeg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3996-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 10, 2017 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-3996-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
The vulnerability of the multimedia framework of the Android operating system allows a perpetrator to gain access to protected data or execute arbitrary code.
The vulnerability of the multimedia framework of the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to protected data or execute arbitrary code within a privileged process...
Google Android Media Framework Remote Code Execution Vulnerability (CNVD-2017-31363)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA. media framework libavc is one of the frameworks used for multimedia development. A remote code execution vulnerability exists in Media Framework libavc in Android. A remote attacke...
Unspecified vulnerability in Ffmpeg (CNVD-2017-20994)
FFmpeg is a set of open source computer programs that can be used to record, convert digital audio and video to streams under the LGPL or GPL license. There is an unspecified vulnerability in Ffmpeg, and no detailed vulnerability details are provided at this time...
DEBIAN-CVE-2017-11719
The dnxhddecodeheader function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service out-of-array access or possibly have unspecified other impact via a crafted DNxHD file...
CVE-2017-5051
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer...
DEBIAN-CVE-2016-10191
Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check for RTMP packet size mismatches...
CVE-2016-7502
The cavsidct8addc function in libavcodec/cavsdsp.c in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when decoding with cavsdecode...
Ubuntu system actually exists Nintendo red and white game machine vulnerability-vulnerability warning-the black bar safety net
Recently security researchers Evans in the Ubuntu system found a very interesting vulnerability, this vulnerability also with Nintendo the year of the 8-bit consoles(NES, or FC. Evans said that in Ubuntu 12.04.5 version of the multimedia framework in the presence of a vulnerability, the...
UBUNTU-CVE-2016-2328
libswscale/swscaleunscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which allows remote attackers to cause a denial of service out-of-bounds array read access or possibly have unspecified other impact via a crafted .cine file, related to the bayertorgb24wrapper and...
GStreamer: User-assisted execution of arbitrary code
Background GStreamer is an open source multimedia framework. Description A buffer overflow vulnerability has been found in the parsing of H.264 formatted video. Impact A remote attacker could entice a user to open a specially crafted H.264 formatted video using an application linked against...
The vulnerability of the FFmpeg multimedia library, which allows a hacker to trigger a service failure
The vulnerability in the decodeuncompressed function in the libavcodec/faxcompr.c multimedia library of FFmpeg exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures by using specially crafted CCITT FAX data...
UBUNTU-CVE-2015-6823
The allocatebuffers function in libavcodec/alac.c in FFmpeg before 2.7.2 does not initialize certain context data, which allows remote attackers to cause a denial of service segmentation violation or possibly have unspecified other impact via crafted Apple Lossless Audio Codec ALAC data...
DEBIAN-CVE-2014-8549
libavcodec/on2avc.c in FFmpeg before 2.4.2 does not constrain the number of channels to at most 2, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted On2 data...
Apple QuickTime 视频文件缓冲区溢出漏洞
CVE ID: CVE-2012-3756 QuickTime是由苹果电脑所开发的一种多媒体架构,能够处理许多的数字视频、媒体段落、音效、文字、动画、音乐格式,以及交互式全景影像的数项类型。 QuickTime在处理特制PM4文件内的'rnet'框时存在缓冲区溢出漏洞,可导致应用意外终止或任意代码执行。 0 Apple Quicktime 7.x 厂商补丁: Apple ----- 请更新到QuickTime 7.7.3: APPLE-SA-2012-11-07-1:QuickTime 7.7.3 链接:http://www.apple.com/quicktime/download/...