CVSS: 9.8EPSS: 0%CPEs: 51EXPL: 0CVE-2011-3941 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-3941
25 Oct 2013 — The decode_mb function in libavcodec/error_resilience.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via vectors related to an uninitialized block index, which triggers an out-of-bounds write. La función decode_mb en el archivo libavcodec/error_resilience.c en FFmpeg anterior a versión 0.10, permite a los atacantes remotos tener un impacto no especificado por medio de vectores relacionados con un índice de bloque no inicializado, que desencadena una escritura fuera de límites.... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=c77be3a35a0160d6af88056b0899f120f2eef38e • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-2771 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2012-2771
25 Oct 2013 — Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2773, CVE-2012-2778, CVE-2012-2780, and CVE-2012-2781. Una vulnerabilidad sin especificar en FFmpeg en versiones anteriores a la 0.10.3 tiene un impacto y vectores de ataque desconocidos. Esta vulnerabilidad es diferente a CVE-2012-2773, CVE-2012-2778, CVE-2012-2780, y CVE-2012-2781. Multiple vulnerabilities were found in FFmpeg, the worst of which might enable remote attackers to... • https://www.ffmpeg.org/security.html •
CVSS: 8.8EPSS: 0%CPEs: 51EXPL: 0CVE-2011-3935 – Debian Security Advisory 3003-1
https://notcve.org/view.php?id=CVE-2011-3935
25 Oct 2013 — The codec_get_buffer function in ffmpeg.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via vectors related to a crafted image size. La función codec_get_buffer en ffmpeg.c en FFmpeg anterior a la versión 0.10 permite a atacantes remotos tener un impacto no especificado a través de vectores relacionados con el tamaño de una imagen manipulada. Multiple vulnerabilities were found in FFmpeg, the worst of which might enable remote attackers to cause user-assisted execution of arbit... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=668494acd8b20f974c7722895d4a6a14c1005f1e •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-2780 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2012-2780
25 Oct 2013 — Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2771, CVE-2012-2773, CVE-2012-2778, and CVE-2012-2781. Una vulnerabilidad sin especificar en FFmpeg en versiones anteriores a la 0.10.3 tiene un impacto y vectores de ataque desconocidos. Esta vulnerabilidad es diferente a CVE-2012-2771, CVE-2012-2773, CVE-2012-2778, y CVE-2012-2781. Multiple vulnerabilities were found in FFmpeg, the worst of which might enable remote attackers to... • http://www.securityfocus.com/bid/100272 •
CVSS: 8.8EPSS: 0%CPEs: 51EXPL: 0CVE-2011-3944 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-3944
25 Oct 2013 — The smacker_decode_header_tree function in libavcodec/smacker.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Smacker data. La función smacker_decode_header_tree en libavcodec/smacker.c de FFmpeg anterior a la versión 0.10 permite a atacantes remotos tener un impacto no especificado a través de datos Smacker. Multiple vulnerabilities were found in FFmpeg, the worst of which might enable remote attackers to cause user-assisted execution of arbitrary code. Versions le... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=1285baaab550e3e761590ef6dfb1d9bd9d1332e4 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-2773 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2012-2773
25 Oct 2013 — Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2771, CVE-2012-2778, CVE-2012-2780, and CVE-2012-2781. Una vulnerabilidad sin especificar en FFmpeg en versiones anteriores a la 0.10.3 tiene un impacto y vectores de ataque desconocidos. Esta vulnerabilidad es diferente a CVE-2012-2771, CVE-2012-2778, CVE-2012-2780, y CVE-2012-2781. Multiple vulnerabilities were found in FFmpeg, the worst of which might enable remote attackers to... • http://www.securityfocus.com/bid/100274 •
CVSS: 8.8EPSS: 0%CPEs: 51EXPL: 0CVE-2011-3934 – Debian Security Advisory 3003-1
https://notcve.org/view.php?id=CVE-2011-3934
25 Oct 2013 — Double free vulnerability in the vp3_update_thread_context function in libavcodec/vp3.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted vp3 data. Vulnerabilidad de doble liberación en la función vp3_update_thread_context en libavcodec/vp3.c de FFmpeg anterior a la versión 0.10, permite a atacantes remotos llevar a cabo un impacto no especificado a través de datos vp3 manipulados. Multiple vulnerabilities were found in FFmpeg, the worst of which might enable remote att... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=247d30a7dba6684ccce4508424f35fd58465e535 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0CVE-2013-3674 – Debian Security Advisory 3003-1
https://notcve.org/view.php?id=CVE-2013-3674
10 Jun 2013 — The cdg_decode_frame function in cdgraphics.c in libavcodec in FFmpeg before 1.2.1 does not validate the presence of non-header data in a buffer, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted CD Graphics Video data. La función cdg_decode_frame en cdgraphics.c en libavcodec en FFmpeg anterior a 1.2.1 no valida la presencia de datos non-header en el búfer, lo que permite a atacantes remotos provocar una denegación de servicio (acceso ... • http://ffmpeg.org/security.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-3672 – Debian Security Advisory 3003-1
https://notcve.org/view.php?id=CVE-2013-3672
10 Jun 2013 — The mm_decode_inter function in mmvideo.c in libavcodec in FFmpeg before 1.2.1 does not validate the relationship between a horizontal coordinate and a width value, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted American Laser Games (ALG) MM Video data. La función mm_decode_inter en mmvideo.c en libavcodec en FFmpeg anterior a 1.2.1 no valida adecuadamente la relación entre la coordenada horizontal y el valor "with", lo que permite a... • http://ffmpeg.org/security.html • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2013-3670 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2013-3670
10 Jun 2013 — The rle_unpack function in vmdav.c in libavcodec in FFmpeg git 20130328 through 20130501 does not properly use the bytestream2 API, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted RLE data. NOTE: the vendor has listed this as an issue fixed in 1.2.1, but the issue is actually in new code that was not shipped with the 1.2.1 release or any earlier release. La función rle_unpack en vmdav.c en libavcodec en FFmpeg git 20130328 a la 201305... • http://ffmpeg.org/security.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •