Integer overflow

The restoretqbpixels function in hevcfilter.c in libavcodec, as used in libbpg 0.9.8 and other products, has an integer overflow that leads to a heap-based buffer overflow and remote code execution...

libbpg libavcodec 'restore_tqb_pixels' function denial of service vulnerability

libbpg is a new image format library. libavcodec is one of the general-purpose encoding/decoding libraries. A security vulnerability exists in the 'restoretqbpixels' function of the hevcfilter.c file of libavcodec used in libbpg version 0.9.7 and other products. A remote attacker could exploit th...

CVE-2017-14034

The restoretqbpixels function in hevcfilter.c in libavcodec, as used in libbpg 0.9.7 and other products, miscalculates a memcpy destination address, which allows remote attackers to cause a denial of service heap-based buffer over-read and application crash or possibly have unspecified other impa...

CVE-2016-5637

The restoretqbpixels function in libbpg 0.9.5 through 0.9.7 mishandles the transquantbypassenableflag value, which allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds write via a crafted BPG image, related to a "type confusion" issue...

CVE-2016-5637

The restoretqbpixels function in libbpg 0.9.5 through 0.9.7 mishandles the transquantbypassenableflag value, which allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds write via a crafted BPG image, related to a "type confusion" issue...