26 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-6826
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ffrv34decodeinitthreadcopy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers...
Denial Of Service (DoS)
FFmpeg is vulnerable to denial of service DoS attacks and possibly other attacks. A malicious user can pass malicious RealVideo data to the system to cause an invalid pointer access that can lead to the system crashing...
FreeBSD : ffmpeg -- multiple vulnerabilities (3d950687-b4c9-4a86-8478-c56743547af8)
NVD reports : The decodeihdrchunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR aka image header chunk in a PNG image, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact v...
FFmpeg ff_rv34_decode_init_thread_copy denial of service vulnerability
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'ffrv34decodeinitthreadcopy' function in the libavcodec/rv34.c file in versions of FFmpeg prior to 2.7.2, which is caused by the program failing to...
DEBIAN-CVE-2015-6826
The ffrv34decodeinitthreadcopy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted 1 RV30 or 2 RV40 RealVideo dat...
CVE-2015-6826
The ffrv34decodeinitthreadcopy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted 1 RV30 or 2 RV40 RealVideo dat...
CVE-2015-6826
The ffrv34decodeinitthreadcopy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted 1 RV30 or 2 RV40 RealVideo dat...
Design/Logic Flaw
The ffrv34decodeinitthreadcopy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted 1 RV30 or 2 RV40 RealVideo dat...
CVE-2015-6826
The ffrv34decodeinitthreadcopy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted 1 RV30 or 2 RV40 RealVideo dat...
CVE-2015-6826
The ffrv34decodeinitthreadcopy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted 1 RV30 or 2 RV40 RealVideo dat...
CVE-2015-6826
CVE-2015-6826 affects FFmpeg’s libavcodec/rv34.c: the function ff_rv34_decode_init_thread_copy does not initialize certain structure members, which can allow a remote attacker to trigger a denial of service (invalid pointer access) or other impact via crafted RealVideo data (RV30 or RV40). The vu...
CVE-2015-6826
The ffrv34decodeinitthreadcopy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted 1 RV30 or 2 RV40 RealVideo dat...
UBUNTU-CVE-2015-6826
The ffrv34decodeinitthreadcopy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted 1 RV30 or 2 RV40 RealVideo dat...
Code injection
Unspecified vulnerability in the RV40 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RV40 RealVideo video stream...
CVE-2012-0926
The RV10 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle height and width values, which allows remote attackers to execute arbitrary code via a crafted RV10 RealVideo video stream...
RealNetworks RealPlayer Multiple Vulnerabilities (Nov 2011) - Mac OS X
RealPlayer is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RealNetworks RealPlayer Multiple Vulnerabilities Nov - 11 (Mac OS X)
This host is installed with RealPlayer which is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodrealplayermultvulnnov11macosx.nasl 7024 2017-08-30 11:51:43Z teissa $ RealNetworks RealPlayer Multiple Vulnerabilities Nov - 11 Mac OS X Authors: Madhuri D Copyright: Copyright...
RealNetworks RealPlayer Multiple Vulnerabilities Nov - 11 (Windows)
This host is installed with RealPlayer which is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodrealplayermultvulnnov11win.nasl 7052 2017-09-04 11:50:51Z teissa $ RealNetworks RealPlayer Multiple Vulnerabilities Nov - 11 Windows Authors: Madhuri D Copyright: Copyright c...
CVE-2011-4244
Heap-based buffer overflow in the RealVideo renderer in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via unspecified vectors...
Heap overflow
Heap-based buffer overflow in the RealVideo renderer in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via unspecified vectors...