CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7555 – Gentoo Linux Security Advisory 201701-71
https://notcve.org/view.php?id=CVE-2016-7555
23 Dec 2016 — The avi_read_header function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to memory leak when decoding an AVI file that has a crafted "strh" structure. La función avi_read_header en libavformat/avidec.c en FFmpeg en versiones anteriores a 3.1.4 es vulnerable a una perdida de memoria cuando decodifica un archivo AVI que tiene uns estructura "strh" manipulada. Multiple vulnerabilities have been found in FFmpeg, the worst of which may allow remote attackers to cause a Denial of Service conditio... • http://www.openwall.com/lists/oss-security/2016/10/08/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7785 – Gentoo Linux Security Advisory 201701-71
https://notcve.org/view.php?id=CVE-2016-7785
23 Dec 2016 — The avi_read_seek function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (assert fault) via a crafted AVI file. La función avi_read_seek en libavformat/avidec.c en FFmpeg en versiones anteriores a 3.1.4 permite a atacantes remotos provocar una denegación de servicio (fallo de asertividad) a través de un archivo AVI manipulado. Multiple vulnerabilities have been found in FFmpeg, the worst of which may allow remote attackers to cause a Denial of Service co... • http://www.openwall.com/lists/oss-security/2016/10/08/1 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7450 – Gentoo Linux Security Advisory 201701-71
https://notcve.org/view.php?id=CVE-2016-7450
23 Dec 2016 — The ff_log2_16bit_c function in libavutil/intmath.h in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when it decodes a malformed AIFF file. La función ff_log2_16bit_c en libavutil/intmath.h en FFmpeg en versiones anteriores a 3.1.4 es vulnerable a una lectura de memoria fuera de límites cuando codifica un archivo AIFF malformado. Multiple vulnerabilities have been found in FFmpeg, the worst of which may allow remote attackers to cause a Denial of Service condition. Versions less than 2.8... • http://www.openwall.com/lists/oss-security/2016/10/08/1 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7562 – Gentoo Linux Security Advisory 201701-71
https://notcve.org/view.php?id=CVE-2016-7562
23 Dec 2016 — The ff_draw_pc_font function in libavcodec/cga_data.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (buffer overflow) via a crafted AVI file. La función ff_draw_pc_font en libavcodec/cga_data.c en FFmpeg en versiones anteriores a 3.1.4 permite a atacantes remotos provocar una denegación de servicio (desbordamiento de búfer) a través de un archivo AVI manipulado. Multiple vulnerabilities have been found in FFmpeg, the worst of which may allow remote attackers to cause a Denial o... • http://www.openwall.com/lists/oss-security/2016/10/08/1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6671
https://notcve.org/view.php?id=CVE-2016-6671
23 Dec 2016 — The raw_decode function in libavcodec/rawdec.c in FFmpeg before 3.1.2 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted SWF file. La función raw_decode en libavcodec/rawdec.c en FFmpeg en versiones anteriores a 3.1.2 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o ejecutar un código arbitrario a través del archivo manipulado SWF. • http://www.openwall.com/lists/oss-security/2016/08/12/6 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 0CVE-2016-6920 – ffmpeg 3.1.2 Heap Overflow
https://notcve.org/view.php?id=CVE-2016-6920
07 Sep 2016 — Heap-based buffer overflow in the decode_block function in libavcodec/exr.c in FFmpeg before 3.1.3 allows remote attackers to cause a denial of service (application crash) via vectors involving tile positions. Desbordamiento de búfer basado en memoria dinámica en la función decode_block en libavcodec/exr.c en FFmpeg en versiones anteriores a 3.1.3 permite a atacantes provocar una denegación de servicio (caída de la aplicación) a través de vectores que implican posiciones de baldosa. ffmpeg versions 3.1.2 an... • http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit%3Bh=79f52a0dbd484aad111e4bf4a4f7047c7ceb6137 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2016-2839 – Gentoo Linux Security Advisory 201701-15
https://notcve.org/view.php?id=CVE-2016-2839
05 Aug 2016 — Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 on Linux make cairo _cairo_surface_get_extents calls that do not properly interact with libav header allocation in FFmpeg 0.10, which allows remote attackers to cause a denial of service (application crash) via a crafted video. Mozilla Firefox en versiones anteriores a 48.0 y Firefox ESR 45.x en versiones anteriores a 45.3 en Linux hace llamadas cairo _cairo_surface_get_extents que no interactúan adecuadamente con asignación de cabecera libav en F... • http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 2%CPEs: 4EXPL: 0CVE-2016-3062 – Gentoo Linux Security Advisory 201705-08
https://notcve.org/view.php?id=CVE-2016-3062
15 Jun 2016 — The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file. La función mov_read_dref en libavformat/mov.c en Libav en versiones anteriores a 11.7 y FFmpeg en versiones anteriores a 0.11 permite a atacantes remotos provocar una denegación de srevicio (corrupción de memoria) o ejecutar código arbitrario a través de valores de ent... • http://lists.opensuse.org/opensuse-updates/2016-06/msg00105.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2327 – Gentoo Linux Security Advisory 201606-09
https://notcve.org/view.php?id=CVE-2016-2327
12 Feb 2016 — libavcodec/pngenc.c in FFmpeg before 2.8.5 uses incorrect line sizes in certain row calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .avi file, related to the apng_encode_frame and encode_apng functions. libavcodec/pngenc.c en FFmpeg en versiones anteriores a 2.8.5 utiliza tamaños de línea incorrectos en ciertos cálculos de fila, lo que podría permitir a atacantes remotos provocar una denegación de s... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=7ec9c5ce8a753175244da971fed9f1e25aef7971 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-2330 – Gentoo Linux Security Advisory 201606-09
https://notcve.org/view.php?id=CVE-2016-2330
12 Feb 2016 — libavcodec/gif.c in FFmpeg before 2.8.6 does not properly calculate a buffer size, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .tga file, related to the gif_image_write_image, gif_encode_init, and gif_encode_close functions. libavcodec/gif.c en FFmpeg en versiones anteriores a 2.8.6 no calcula correctamente un tamaño de buffer, lo que podría permitir a atacantes remotos provocar una denegación de servicio (ac... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=03d83ba34b2070878909eae18dfac0f519503777 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •