CVSS: 9.3EPSS: 0%CPEs: 55EXPL: 0CVE-2013-0851 – Debian Security Advisory 3003-1
https://notcve.org/view.php?id=CVE-2013-0851
07 Dec 2013 — The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-bounds array access. La función decode_frame en libavcodec/eamad.c en FFmpeg anterior a v1.1 permite a atacantes remotods tener un impacto no especificado a través de información de video Electronic Arts Madcow manipulada, lo que desencadena un acceso fuera de limites en un array. Multiple vulnerabilities have been ... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=63ac64864c6e0e84355aa3caa5b92208997a9a8d • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 55EXPL: 0CVE-2013-0849 – Debian Security Advisory 2855-1
https://notcve.org/view.php?id=CVE-2013-0849
07 Dec 2013 — The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted (1) width or (2) height dimension that is not a multiple of sixteen in id RoQ video data. La función roq_decode_init en libavcodec/roqvideodec.c en FFmpeg anterior a v1.1 permite a atacantes remotos tener un impacto no especificado a través de una dimensión manipulada de (1) ancho o (2) alto que no sea múltiple de 16 en id RoQ video. Several security issues have b... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=3ae610451170cd5a28b33950006ff0bd23036845 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 55EXPL: 0CVE-2013-0852 – Debian Security Advisory 3003-1
https://notcve.org/view.php?id=CVE-2013-0852
07 Dec 2013 — The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array access. La función parse_picture_segment en libavcodec/pgssubdec.c en FFmpeg anterior a v1.1 permite a atacantes remotos tener un impacto no especificado a través de datos RLE manipulados, lo que desencadena un acceso fuera de limites en un array. The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=c0d68be555f5858703383040e04fcd6529777061 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 55EXPL: 0CVE-2013-0855
https://notcve.org/view.php?id=CVE-2013-0855
07 Dec 2013 — Integer overflow in the alac_decode_close function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a large number of samples per frame in Apple Lossless Audio Codec (ALAC) data, which triggers an out-of-bounds array access. Desbordamiento de entero en la función alac_decode_close en libavcodec/alac.c en FFmpeg anteriores a 1.1 permite a atacantes remotos tener un impacto no especificado a través de un gran número de muestras por frame en datos Apple Lossle... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=3920d1387834e2bc334aff9f518f4beb24e470bd • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 0%CPEs: 55EXPL: 0CVE-2013-0859
https://notcve.org/view.php?id=CVE-2013-0859
07 Dec 2013 — The add_doubles_metadata function in libavcodec/tiff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a negative or zero count value in a TIFF image, which triggers an out-of-bounds array access. La función add_doubles_metadata en libavcodec/tiff.c de FFmpeg anterior a 1.1 permite a un atacante remoto tener un impacto no especificado a través de un valor de contador negativo o cero n una imagen TIFF, lo que desencadena un acceso de array fuera de rango. • http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=6d1c5ea04af3e345232aa70c944de961061dab2d • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 0%CPEs: 57EXPL: 0CVE-2013-0845 – Debian Security Advisory 2855-1
https://notcve.org/view.php?id=CVE-2013-0845
07 Dec 2013 — libavcodec/alsdec.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via a crafted block length, which triggers an out-of-bounds write. libavcodec/alsdec.c en FFmpeg anteriores a 1.0.4 permite a atacantes remotos tener un impacto no especificado a través de un bloque de longitud manipulada, lo cual activa una escritura fuera de límites. Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=0ceca269b66ec12a23bf0907bd2c220513cdbf16 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 55EXPL: 0CVE-2013-0848 – Debian Security Advisory 3003-1
https://notcve.org/view.php?id=CVE-2013-0848
07 Dec 2013 — The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted width in huffyuv data with the predictor set to median and the colorspace set to YUV422P, which triggers an out-of-bounds array access. La función decode_init en libavcodec/huffyuv.c en FFmpeg anteriores a 1.1 permite a atacantes remotos tener un impacto no especificado a través de una anchura en datos huffyuv con la mediana como predictor y el espacio de colores establec... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=6abb9a901fca27da14d4fffbb01948288b5da3ba • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 59EXPL: 0CVE-2013-0863 – Gentoo Linux Security Advisory 201603-06
https://notcve.org/view.php?id=CVE-2013-0863
23 Nov 2013 — Buffer overflow in the rle_decode function in libavcodec/sanm.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via crafted LucasArts Smush video data. Desbordamiento de búfer en la función rle_decode en libavcodec / sanm.c en FFmpeg anterior a la versión 1.0.4 y 1.1.x anterior a 1.1.2 permite a atacantes remotos tener un impacto no especificado a través de los datos de vídeo manipulado de LucasArts Smush. Multiple vulnerabilities have been found in FFmpeg... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=62c9beda0c189db5cb61fa772057e3af9521f293 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 58EXPL: 0CVE-2013-0861 – Gentoo Linux Security Advisory 201603-06
https://notcve.org/view.php?id=CVE-2013-0861
23 Nov 2013 — The avcodec_decode_audio4 function in libavcodec/utils.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 allows remote attackers to trigger memory corruption via vectors related to the channel layout. La función avcodec_decode_audio4 en libavcodec/utils.c de FFmpeg anterior a la versión 1.0.4 y 1.1.x anterior a la versión 1.1.1 permite a atacantes remotos desencadena una corrupción de memoria a través de vectores relacionados con el diseño de canal. Multiple vulnerabilities have been found in FFmpeg, the wors... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=43c6b45a53a186a187f7266e4d6bd3c2620519f1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 59EXPL: 0CVE-2013-0860 – Debian Security Advisory 3003-1
https://notcve.org/view.php?id=CVE-2013-0860
23 Nov 2013 — The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a frame is fully initialized, which allows remote attackers to trigger a NULL pointer dereference via crafted picture data. La función ff_er_frame_end de ibavcodec/error_resilience.c en FFmpeg anterior a la versión 1.0.4 y 1.1.x anterior a 1.1.1 no verifica adecuadamente que un frame está completamente inicializado, lo que permite a atacantes remotos provocar una referenc... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=3e196e4def03c7a91423803402f84d638d316c33 • CWE-20: Improper Input Validation •