CVSS: 8.8EPSS: 0%CPEs: 105EXPL: 0CVE-2014-8545 – Gentoo Linux Security Advisory 201603-06
https://notcve.org/view.php?id=CVE-2014-8545
05 Nov 2014 — libavcodec/pngdec.c in FFmpeg before 2.4.2 accepts the monochrome-black format without verifying that the bits-per-pixel value is 1, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted PNG data. libavcodec/pngdec.c en FFmpeg anterior a 2.4.2 acepta el formato de negro monocromo sin verificar que el valor bits-per-pixel sea 1, lo que permite a atacantes remotos causar una denegación de servicio (acceso fuera de rango) o posib... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=3e2b745020c2dbf0201fe7df3dad9e7e0b2e1bb6 • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 0%CPEs: 105EXPL: 0CVE-2014-8549 – Gentoo Linux Security Advisory 201603-06
https://notcve.org/view.php?id=CVE-2014-8549
05 Nov 2014 — libavcodec/on2avc.c in FFmpeg before 2.4.2 does not constrain the number of channels to at most 2, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted On2 data. libavcodec/on2avc.c en FFmpeg anterior a 2.4.2 no limita el número de canales a 2 como máximo, lo que permite a atacantes remotos causar una denegación de servicio (acceso fuera de rango) o posiblemente tener otro impacto no especificado a través de datos On2 manipul... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=550f3e9df3410b3dd975e590042c0d83e20a8da3 • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2014-8542 – Gentoo Linux Security Advisory 201603-06
https://notcve.org/view.php?id=CVE-2014-8542
05 Nov 2014 — libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID during enforcement of alignment, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted JV data. libavcodec/utils.c en FFmpeg anterior a 2.4.2 omite cierto identificador de codec durante el forzamiento de la alineación, lo que permite a atacantes remotos causar una denegación de servicio (acceso fuera de rango) o posiblemente tener otro impacto no especificado a... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=105654e376a736d243aef4a1d121abebce912e6b • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 105EXPL: 0CVE-2014-8546 – Gentoo Linux Security Advisory 201603-06
https://notcve.org/view.php?id=CVE-2014-8546
05 Nov 2014 — Integer underflow in libavcodec/cinepak.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted Cinepak video data. Desbordamiento de enteros en libavcodec/cinepak.c en FFmpeg anterior a 2.4.2 permite a atacantes remotos causar una denegación de servicio (acceso fuera de rango) o posiblemente tener otro impacto no especificado a través de datos manipulados de vídeos Cinepak. Multiple vulnerabilities have been ... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=e7e5114c506957f40aafd794e06de1a7e341e9d5 • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 0%CPEs: 106EXPL: 0CVE-2014-8541 – Gentoo Linux Security Advisory 201603-06
https://notcve.org/view.php?id=CVE-2014-8541
05 Nov 2014 — libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension differences, and not bits-per-pixel differences, when determining whether an image size has changed, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted MJPEG data. libavcodec/mjpegdec.c en FFmpeg anterior a 2.4.2 considera solamente las diferencias de dimensión, y no las diferencias bits-por-pixel, cuando determina si un tamaño de imagen ha cambiado, lo q... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=5c378d6a6df8243f06c87962b873bd563e58cd39 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 106EXPL: 0CVE-2014-8548 – Debian Security Advisory 3189-1
https://notcve.org/view.php?id=CVE-2014-8548
05 Nov 2014 — Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted Quicktime Graphics (aka SMC) video data. Error de superación de límite (off-by-one) en libavcodec/smc.c en FFmpeg anterior a 2.4.2 permite a atacantes remotos causar una denegación de servicio (acceso fuera de rango) o posiblemente tener otro impacto no especificado a través de datos manipulados de vídeos Quicktime Graph... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=c727401aa9d62335e89d118a5b4e202edf39d905 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 37EXPL: 0CVE-2014-5272 – Gentoo Linux Security Advisory 201603-06
https://notcve.org/view.php?id=CVE-2014-5272
03 Nov 2014 — libavcodec/iff.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.2.x before 2.2.7, and 2.3.x before 2.3.2 allows remote attackers to have unspecified impact via a crafted iff image, which triggers an out-of-bounds array access, related to the rgb8 and rgbn formats. libavcodec/iff.c en FFMpeg anterior a 1.1.14, 1.2.x anterior a 1.2.8, 2.2.x anterior a 2.2.7, y 2.3.x anterior a 2.3.2 permite a atacantes remotos tener un impacto no especificado a través de un imagen iff manipulado, lo que provoca un acceso al a... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=abc1fa7c5a1dca1345b9471b81cfcda00c56220d • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 4%CPEs: 79EXPL: 0CVE-2014-5271 – Gentoo Linux Security Advisory 201603-06
https://notcve.org/view.php?id=CVE-2014-5271
03 Nov 2014 — Heap-based buffer overflow in the encode_slice function in libavcodec/proresenc_kostya.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.x before 2.2.7, and 2.3.x before 2.3.3 and Libav before 10.5 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors. Desbordamiento de buffer basado en memoria dinámica en la función encode_slice en libavcodec/proresenc_kostya.c en FFMpeg anterior a 1.1.14, 1.2.x anterior a 1.2.8, 2.x anterior a 2.2.7, y 2.3.x... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=52b81ff4635c077b2bc8b8d3637d933b6629d803 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 6EXPL: 2CVE-2014-4610 – Mandriva Linux Security Advisory 2014-129
https://notcve.org/view.php?id=CVE-2014-4610
09 Jul 2014 — Integer overflow in the get_len function in libavutil/lzo.c in FFmpeg before 0.10.14, 1.1.x before 1.1.12, 1.2.x before 1.2.7, 2.0.x before 2.0.5, 2.1.x before 2.1.5, and 2.2.x before 2.2.4 allows remote attackers to execute arbitrary code via a crafted Literal Run. Un desbordamiento de enteros en la función get_len en el archivo libavutil/lzo.c en FFmpeg versiones anteriores a 0.10.14, versiones 1.1.x anteriores a 1.1.12, versiones 1.2.x anteriores a 1.2.7, versiones 2.0.x anteriores a 2.0.5, versiones 2.1... • http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2014-2097 – Gentoo Linux Security Advisory 201603-06
https://notcve.org/view.php?id=CVE-2014-2097
02 Mar 2014 — The tak_decode_frame function in libavcodec/takdec.c in FFmpeg before 2.1.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted TAK (aka Tom's lossless Audio Kompressor) data. La función tak_decode_frame en libavcodec/takdec.c en FFmpeg anterior a 2.1.4 no valida debidamente cierto valor bits-per-sample, lo que permite a atacantes remotos causar una denegación... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=f58eab151214d2d35ff0973f2b3e51c5eb372da4 • CWE-20: Improper Input Validation •