CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-3671 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2013-3671
10 Jun 2013 — The format_line function in log.c in libavutil in FFmpeg before 1.2.1 uses inapplicable offset data during a certain category calculation, which allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via crafted data that triggers a log message. La función format_line en log.c en libavutil en FFmpeg anterior a 1.2.1 utiliza datos offset inaplicables durante el cálculo de determinadas categorías, lo que permite a atacantes remotos provocar una denegación de s... • http://ffmpeg.org/security.html • CWE-189: Numeric Errors •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-3672 – Debian Security Advisory 3003-1
https://notcve.org/view.php?id=CVE-2013-3672
10 Jun 2013 — The mm_decode_inter function in mmvideo.c in libavcodec in FFmpeg before 1.2.1 does not validate the relationship between a horizontal coordinate and a width value, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted American Laser Games (ALG) MM Video data. La función mm_decode_inter en mmvideo.c en libavcodec en FFmpeg anterior a 1.2.1 no valida adecuadamente la relación entre la coordenada horizontal y el valor "with", lo que permite a... • http://ffmpeg.org/security.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-3673 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2013-3673
10 Jun 2013 — The gif_decode_frame function in gifdec.c in libavcodec in FFmpeg before 1.2.1 does not properly manage the disposal methods of frames, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted GIF data. La función gif_decode_frame en gifdec.c en libavcodec en FFmpeg anterior a 1.2.1 no administra adecuadamente la disposición de los métodos de los frames, lo que permite a atacantes remotos provocar una denegación de servicio (acceso a array fue... • http://ffmpeg.org/security.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 1%CPEs: 1EXPL: 0CVE-2013-3674 – Debian Security Advisory 3003-1
https://notcve.org/view.php?id=CVE-2013-3674
10 Jun 2013 — The cdg_decode_frame function in cdgraphics.c in libavcodec in FFmpeg before 1.2.1 does not validate the presence of non-header data in a buffer, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted CD Graphics Video data. La función cdg_decode_frame en cdgraphics.c en libavcodec en FFmpeg anterior a 1.2.1 no valida la presencia de datos non-header en el búfer, lo que permite a atacantes remotos provocar una denegación de servicio (acceso ... • http://ffmpeg.org/security.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-3675 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2013-3675
10 Jun 2013 — The process_frame_obj function in sanm.c in libavcodec in FFmpeg before 1.2.1 does not validate width and height values, which allows remote attackers to cause a denial of service (integer overflow, out-of-bounds array access, and application crash) via crafted LucasArts Smush video data. La función rocess_frame_obj function en sanm.c en libavcodec en FFmpeg anterior a 1.2.1 no valida el ancho y alto de los valores, lo que permite a atacantes remotos provocar una denegación de servicio (desbordamiento de en... • http://ffmpeg.org/security.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 59EXPL: 0CVE-2013-2495
https://notcve.org/view.php?id=CVE-2013-2495
09 Mar 2013 — The iff_read_header function in iff.c in libavformat in FFmpeg through 1.1.3 does not properly handle data sizes for Interchange File Format (IFF) data during operations involving a CMAP chunk or a video codec, which allows remote attackers to cause a denial of service (integer overflow, out-of-bounds array access, and application crash) or possibly have unspecified other impact via a crafted header. La función iff_read_header en iff.c en libavformat en FFmpeg a traves de v1.1.3 no controla correctamente lo... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=3dbc0ff9c3e6f6e0d08ea3d42cb33761bae084ba • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 0%CPEs: 59EXPL: 0CVE-2013-2496
https://notcve.org/view.php?id=CVE-2013-2496
09 Mar 2013 — The msrle_decode_8_16_24_32 function in msrledec.c in libavcodec in FFmpeg through 1.1.3 does not properly determine certain end pointers, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted Microsoft RLE data. La función msrle_decode_8_16_24_32 en msrledec.c en libavcodec en FFmpeg a través de v1.1.3 no trata correctamente ciertos punteros, lo que permite a atacantes remotos provocar una denegaci... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=e398990eb87785e20e065cd3f14d1dbb69df4392 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 58EXPL: 0CVE-2013-2276
https://notcve.org/view.php?id=CVE-2013-2276
27 Feb 2013 — The avcodec_decode_audio4 function in utils.c in libavcodec in FFmpeg before 1.1.3 does not verify the decoding state before proceeding with certain skip operations, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted audio data. La función avcodec_decode_audio4 de utils.c en libavcodec de FFmpeg antes de v1.1.3 no comprueba el estado de decodificación antes de proceder a determinadas operaciones ... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=8a6449167a6da8cb747cfe3502ae86ffaac2ed48 •
CVSS: 8.8EPSS: 0%CPEs: 58EXPL: 0CVE-2013-2277
https://notcve.org/view.php?id=CVE-2013-2277
27 Feb 2013 — The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 1.1.3 does not validate the relationship between luma depth and chroma depth, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted H.264 data. La función ff_h264_decode_seq_parameter_set de h264_ps.c en libavcodec de FFmpeg antes de v1.1.3 no realiza la validación de relaciones entre "luma depth" y "chroma dep... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=bdeb61ccc67911cfc5e20c7cfb1312d0501ca90a •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2013-0894 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0894
23 Feb 2013 — Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds array access) or possibly have unspecified other impact via vectors involving a zero value for a bark map size. Desbordamiento de búfer en la función vorbis_par... • http://git.chromium.org/gitweb/?p=chromium/deps/ffmpeg.git%3Ba=commit%3Bh=e1e70d9bb9852b7d099379afc95531a632a20ba5 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •