CVSS: 6.8EPSS: 1%CPEs: 33EXPL: 0CVE-2011-3940 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-3940
14 May 2012 — nsvdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (out-of-bounds read and write) via a crafted NSV file that triggers "use of uninitialized streams." nsvdec.c en libavcodec de FFmpeg en v0.7.x antes de v0.7.12 y v0.8.x antes de v0.8.11, y en Libav v0.5.x antes de v0.5.9, v0.6.x antes de v0.6.6, v0.7.x antes de v0.7.5 y v0.8.x antes ... • http://ffmpeg.org • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 4%CPEs: 42EXPL: 0CVE-2011-4352 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-4352
06 Jan 2012 — Integer overflow in the vp3_dequant function in the VP3 decoder (vp3.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VP3 stream, which triggers a buffer overflow. Desbordamiento de entero en la función vp3_dequant en el decodificador VP3 (vp3.c) en libavcodec en... • http://ffmpeg.org • CWE-189: Numeric Errors •
CVSS: 6.5EPSS: 0%CPEs: 37EXPL: 0CVE-2011-4353 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-4353
03 Jan 2012 — The (1) av_image_fill_pointers, (2) vp5_parse_coeff, and (3) vp6_parse_coeff functions in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allow remote attackers to cause a denial of service (out-of-bounds read) via a crafted VP5 or VP6 stream. Las funciones (1) av_image_fill_pointers, (2) vp5_parse_coeff, y (3) vp6_parse_coeff en FFmpeg v0.5.x anterior a v0.5.7, v0.6.x anterior a v0.6.4, v0... • http://ffmpeg.org • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 2%CPEs: 37EXPL: 0CVE-2011-4579 – Mandriva Linux Security Advisory 2012-075
https://notcve.org/view.php?id=CVE-2011-4579
03 Jan 2012 — The svq1_decode_frame function in the SVQ1 decoder (svq1dec.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (memory corruption) via a crafted SVQ1 stream, related to "dimensions changed." La función svq1_decode_frame en el decodificador SVQ1 (svq1dec.c) en libavcodec en FFmpeg v0.5.x anterior a v0.5.7, v0.6.x anterior ... • http://ffmpeg.org • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 2%CPEs: 40EXPL: 0CVE-2011-4364 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-4364
03 Jan 2012 — Buffer overflow in the Sierra VMD decoder in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9 and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VMD file, related to corrupted streams. Desbordamiento de búfer en el decodificador Sierra VMD en libavcodec en FFmpeg v0.5.x anterior a v0.5.7, v0.6.x anterior a v0.6.4, v0.7.... • http://ffmpeg.org • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 3%CPEs: 49EXPL: 0CVE-2011-3362 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-3362
19 Sep 2011 — Integer signedness error in the decode_residual_block function in cavsdec.c in libavcodec in FFmpeg before 0.7.3 and 0.8.x before 0.8.2, and libav through 0.7.1, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Chinese AVS video (aka CAVS) file. Error de signo de entero en la función decode_residual_block en cavsdec.c en libavcodec de FFmpeg antes de v0.7.3 y en v0.8.x antes de v0.8.2, y v0.7.1 a través de libav, ... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=91d5da9321c52e8197fb14046ebb335f3e6ff4a0 • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 1%CPEs: 115EXPL: 0CVE-2011-1931 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-1931
07 Jul 2011 — sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file. sp5xdec.c en el decodificador Sunplus SP5X JPEG en libavcodec en FFmpeg antes de v0.6.3 y libav hasta v0.6.2, tal y como ... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624339 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •