CVSS: 9.8EPSS: 1%CPEs: 59EXPL: 0CVE-2013-0866 – Debian Security Advisory 2793-1
https://notcve.org/view.php?id=CVE-2013-0866
11 Nov 2013 — The aac_decode_init function in libavcodec/aacdec.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via a large number of channels in an AAC file, which triggers an out-of-bounds array access. La función aac_decode_init en libavcodec / aacdec.c en FFmpeg anterior a 1.0.4 y 1.1.x anterior a 1.1.2 permite a atacantes remotos tener un impacto no especificado a través de un gran número de canales en un archivo AAC, lo que desencadena un acceso fuera de limites... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=47e462eecc0a47ad40f59376199f93f227e21d13 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 55EXPL: 0CVE-2013-0853 – Debian Security Advisory 2793-1
https://notcve.org/view.php?id=CVE-2013-0853
11 Nov 2013 — The wavpack_decode_frame function in libavcodec/wavpack.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted WavPack data, which triggers an out-of-bounds array access, possibly due to an off-by-one error. La función wavpack_decode_frame en libavcodec/wavpack.c en FFmpeg anterior a v1.1 permite a atacantes remotods tener un impacto no especificado a través de información WavPack manipulada, lo que desencadena un acceso fuera de limites en un array, posiblemente debido a u... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=be818df547c3b0ae4fadb50fd210139a8636706a • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 0%CPEs: 55EXPL: 0CVE-2013-0850 – Debian Security Advisory 2793-1
https://notcve.org/view.php?id=CVE-2013-0850
11 Nov 2013 — The decode_slice_header function in libavcodec/h264.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted H.264 data, which triggers an out-of-bounds array access. La función decode_slice_header en libavcodec/h264.c en FFmpeg anteriores a 1.1 permite a atacantes remotos tener un impacto no especificado a través de datos H.264 manipulados, lo cual lanza un acceso a array fuera de límites. Several security issues have been corrected in multiple demuxers and decoders of the l... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=d6c184880ee2e09fd68c0ae217173832cee5afc1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0CVE-2013-3674 – Debian Security Advisory 3003-1
https://notcve.org/view.php?id=CVE-2013-3674
10 Jun 2013 — The cdg_decode_frame function in cdgraphics.c in libavcodec in FFmpeg before 1.2.1 does not validate the presence of non-header data in a buffer, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted CD Graphics Video data. La función cdg_decode_frame en cdgraphics.c en libavcodec en FFmpeg anterior a 1.2.1 no valida la presencia de datos non-header en el búfer, lo que permite a atacantes remotos provocar una denegación de servicio (acceso ... • http://ffmpeg.org/security.html • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2013-3671 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2013-3671
10 Jun 2013 — The format_line function in log.c in libavutil in FFmpeg before 1.2.1 uses inapplicable offset data during a certain category calculation, which allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via crafted data that triggers a log message. La función format_line en log.c en libavutil en FFmpeg anterior a 1.2.1 utiliza datos offset inaplicables durante el cálculo de determinadas categorías, lo que permite a atacantes remotos provocar una denegación de s... • http://ffmpeg.org/security.html • CWE-189: Numeric Errors •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-3673 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2013-3673
10 Jun 2013 — The gif_decode_frame function in gifdec.c in libavcodec in FFmpeg before 1.2.1 does not properly manage the disposal methods of frames, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted GIF data. La función gif_decode_frame en gifdec.c en libavcodec en FFmpeg anterior a 1.2.1 no administra adecuadamente la disposición de los métodos de los frames, lo que permite a atacantes remotos provocar una denegación de servicio (acceso a array fue... • http://ffmpeg.org/security.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2013-3670 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2013-3670
10 Jun 2013 — The rle_unpack function in vmdav.c in libavcodec in FFmpeg git 20130328 through 20130501 does not properly use the bytestream2 API, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted RLE data. NOTE: the vendor has listed this as an issue fixed in 1.2.1, but the issue is actually in new code that was not shipped with the 1.2.1 release or any earlier release. La función rle_unpack en vmdav.c en libavcodec en FFmpeg git 20130328 a la 201305... • http://ffmpeg.org/security.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-3675 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2013-3675
10 Jun 2013 — The process_frame_obj function in sanm.c in libavcodec in FFmpeg before 1.2.1 does not validate width and height values, which allows remote attackers to cause a denial of service (integer overflow, out-of-bounds array access, and application crash) via crafted LucasArts Smush video data. La función rocess_frame_obj function en sanm.c en libavcodec en FFmpeg anterior a 1.2.1 no valida el ancho y alto de los valores, lo que permite a atacantes remotos provocar una denegación de servicio (desbordamiento de en... • http://ffmpeg.org/security.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-3672 – Debian Security Advisory 3003-1
https://notcve.org/view.php?id=CVE-2013-3672
10 Jun 2013 — The mm_decode_inter function in mmvideo.c in libavcodec in FFmpeg before 1.2.1 does not validate the relationship between a horizontal coordinate and a width value, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted American Laser Games (ALG) MM Video data. La función mm_decode_inter en mmvideo.c en libavcodec en FFmpeg anterior a 1.2.1 no valida adecuadamente la relación entre la coordenada horizontal y el valor "with", lo que permite a... • http://ffmpeg.org/security.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 59EXPL: 0CVE-2013-2496
https://notcve.org/view.php?id=CVE-2013-2496
09 Mar 2013 — The msrle_decode_8_16_24_32 function in msrledec.c in libavcodec in FFmpeg through 1.1.3 does not properly determine certain end pointers, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted Microsoft RLE data. La función msrle_decode_8_16_24_32 en msrledec.c en libavcodec en FFmpeg a través de v1.1.3 no trata correctamente ciertos punteros, lo que permite a atacantes remotos provocar una denegaci... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=e398990eb87785e20e065cd3f14d1dbb69df4392 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •