Page 38 of 426 results (0.015 seconds)

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c. FFmpeg en versiones anteriores a 24-01-2017 tiene una escritura fuera de límites provocado por un desbordamiento de búfer basado en memoria dinámica en relación con la función ipvideo_decode_block_opcode_0xA en libavcodec/interplayvideo.c unad la función avcodec_align_dimensions2 en libavcodec/utils.c. • http://www.securityfocus.com/bid/97685 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=452 https://github.com/FFmpeg/FFmpeg/commit/2080bc33717955a0e4268e738acf8c1eeddbf8cb https://lists.debian.org/debian-lts-announce/2019/02/msg00005.html • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 0

Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted WMV file. Libavcodec en FFmpeg, en versiones anteriores a la 0.11, permite que atacantes remotos ejecuten código arbitrario mediante un archivo WMV manipulado. • http://www.securityfocus.com/bid/56112 https://docs.microsoft.com/en-us/security-updates/VulnerabilityResearchAdvisories/2012/msvr12-017 https://exchange.xforce.ibmcloud.com/vulnerabilities/79405 https://technet.microsoft.com/library/security/msvr12-017 https://www.ffmpeg.org/security.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 1%CPEs: 14EXPL: 0

Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote web servers to execute arbitrary code via a negative chunk size in an HTTP response. Desbordamiento de búfer basado en memoria dinámica en libavformat/http.c en FFmpeg en versiones anteriores a 2.8.10, 3.0.x en versiones anteriores a 3.0.5, 3.1.x en versiones anteriores a 3.1.6 y 3.2.x en versiones anteriores a 3.2.2 permite a servidores web remotos ejecutar código arbitrario a través de un tamaño de cantidad negativa en una respuesta HTTP. • http://www.openwall.com/lists/oss-security/2017/01/31/12 http://www.openwall.com/lists/oss-security/2017/02/02/1 http://www.securityfocus.com/bid/95986 https://ffmpeg.org/security.html https://github.com/FFmpeg/FFmpeg/commit/2a05c8f813de6f2278827734bf8102291e7484aa https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html https://trac.ffmpeg.org/ticket/5992 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 5%CPEs: 14EXPL: 1

Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check for RTMP packet size mismatches. Desbordamiento de búfer basado en memoria dinámica en libavformat/rtmppkt.c en FFmpeg en versiones anteriores a 2.8.10, 3.0.x en versiones anteriores a 3.0.5, 3.1.x en versiones anteriores a 3.1.6 y 3.2.x en versiones anteriores a 3.2.2 permite a atacantes remotos ejecutar código arbitrario aprovechando el fallo para comprobar si hay desajustes de tamaño de paquete RTMP. • https://github.com/KaviDk/Heap-Over-Flow-with-CVE-2016-10191 http://www.openwall.com/lists/oss-security/2017/01/31/12 http://www.openwall.com/lists/oss-security/2017/02/02/1 http://www.securityfocus.com/bid/95989 https://ffmpeg.org/security.html https://github.com/FFmpeg/FFmpeg/commit/7d57ca4d9a75562fa32e40766211de150f8b3ee7 https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 5%CPEs: 14EXPL: 0

Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check chunk size. Desbordamiento de búfer basado en memoria dinámica en ffserver.c en FFmpeg en versiones anteriores a 2.8.10, 3.0.x en versiones anteriores a 3.0.5, 3.1.x en versiones anteriores a 3.1.6 y 3.2.x en versiones anteriores a 3.2.2 permite a atacantes remotos ejecutar código arbitrario aprovechando el fallo para comprobar el tamaño del fragmento. • http://www.openwall.com/lists/oss-security/2017/01/31/12 http://www.openwall.com/lists/oss-security/2017/02/02/1 http://www.securityfocus.com/bid/95991 https://ffmpeg.org/security.html https://github.com/FFmpeg/FFmpeg/commit/a5d25faa3f4b18dac737fdb35d0dd68eb0dc2156 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •