CVSS: 9.3EPSS: 9%CPEs: 1EXPL: 1CVE-2009-4635 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2009-4635
10 Feb 2010 — FFmpeg v0.5 permite a atacantes remotos producir una denegación de servicio y posiblemente ejecutar código arbitrario a través de un contenedor MOV con tag impropios que producen (1) mov.c y (2) utils.c que utiliza identificadores y tipos de codecs inconsistentes, lo que causa que el decodificador mp3 procese un puntero para una estructura de vídeo, iniciando un desbordamiento de búfer basado en pila Multiple vulnerabilities were found in FFmpeg, the worst of which might enable remote attacker... • http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.5EPSS: 3%CPEs: 1EXPL: 1CVE-2009-4636 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2009-4636
10 Feb 2010 — FFmpeg 0.5 allows remote attackers to cause a denial of service (hang) via a crafted file that triggers an infinite loop. FFmpeg v0.5 permite a atacantes remotos producir una denegación de servicio (colgado) a través de un fichero manipulado que inicia un bucle infinito. Multiple vulnerabilities were found in FFmpeg, the worst of which might enable remote attackers to cause user-assisted execution of arbitrary code. • http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 33%CPEs: 1EXPL: 2CVE-2009-4637 – FFmpeg 0.5 - Multiple Remote Vulnerabilities
https://notcve.org/view.php?id=CVE-2009-4637
10 Feb 2010 — FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a stack-based buffer overflow. FFmpeg v0.5 permite a atacantes remotos producir una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de vectores desconocidos que inicia un desbordamiento de búfer basado en pila. Multiple vulnerabilities were found in FFmpeg, the worst of which might enable remote attackers to cause ... • http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 1CVE-2009-4638 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2009-4638
10 Feb 2010 — Integer overflow in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. Desbordamiento de entero en FFmpeg v0.5 permite a atacantes remotos producir una denegación de servicio (caída) y posiblemente una ejecución de código arbitrario a través de vectores desconocidos. Multiple vulnerabilities were found in FFmpeg, the worst of which might enable remote attackers to cause user-assisted execution of arbitrary cod... • http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 3%CPEs: 1EXPL: 1CVE-2009-4639 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2009-4639
10 Feb 2010 — The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) via a crafted AVI file that triggers a divide-by-zero error. La funcion av_rescale_rnd en AVI demuxer en FFmpeg v0.5 permite a atacantes remotos producir una denegación de servicio (caída) a través de un fichero AVI manipulado que inicia un error de división por cero. Multiple vulnerabilities were found in FFmpeg, the worst of which might enable remote attackers to c... • http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 3%CPEs: 1EXPL: 1CVE-2009-4640 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2009-4640
10 Feb 2010 — Array index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read. Error de indexación de array en vorbis_dec.c in FFmpeg v0.5 permite a atacantes remotos producir una denegación de servicio y posiblemente ejecutar y posiblemente ejecutar código arbitrario a través de un fichero Vorbis manipulado que inicia una lectura fuera de rango. Multiple vulnerabilities wer... • http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 7%CPEs: 15EXPL: 3CVE-2008-4866
https://notcve.org/view.php?id=CVE-2008-4866
31 Oct 2008 — Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 before r14715, as used by MPlayer, allow context-dependent attackers to have an unknown impact via vectors related to execution of DTS generation code with a delay greater than MAX_REORDER_DELAY. Múltiples desbordamientos de búfer en libavformat/utils.c en FFmpeg 0.4.9 antes de r14715, como lo usa MPlayer, permite a atacantes dependientes del contexto tener un impacto desconocido mediante vectores relacionados con código de gener... • http://lists.mplayerhq.hu/pipermail/ffmpeg-cvslog/2008-August/016011.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 3%CPEs: 20EXPL: 2CVE-2008-4610 – MPlayer - '.AAC' File Handling Denial of Service
https://notcve.org/view.php?id=CVE-2008-4610
20 Oct 2008 — Multiple vulnerabilities have been found in MPlayer and the bundled FFmpeg, the worst of which may lead to the execution of arbitrary code. • https://www.exploit-db.com/exploits/32856 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2008-3230
https://notcve.org/view.php?id=CVE-2008-3230
18 Jul 2008 — The ffmpeg lavf demuxer allows user-assisted attackers to cause a denial of service (application crash) via a crafted GIF file, possibly related to gstreamer, as demonstrated by lol-giftopnm.gif. El FFmpeg lavf Demuxer permite atacantes, con la ayuda del usuario, provocar una denegación de servicio (con caída de aplicación) a través de un archivo GIF manipulado, posiblemente relacionado con gstreamer, como se demuestra con el fichero lol-giftopnm.gif. • https://roundup.mplayerhq.hu/roundup/ffmpeg/issue530 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 28%CPEs: 14EXPL: 1CVE-2008-3162 – FFmpeg libavformat - 'psxstr.c' STR Data Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-3162
14 Jul 2008 — Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted STR file that interleaves audio and video sectors. Desbordamiento de búfer basado en pila en la función str_read_packet de libavformat/psxstr.c de FFmpeg anterior a r13993 , permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) o ejecutar cód... • http://svn.mplayerhq.hu/ffmpeg?... name=MDVSA-2008:157 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •