CVSS: 6.5EPSS: 0%CPEs: 37EXPL: 0CVE-2011-4353 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-4353
20 Aug 2012 — The (1) av_image_fill_pointers, (2) vp5_parse_coeff, and (3) vp6_parse_coeff functions in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allow remote attackers to cause a denial of service (out-of-bounds read) via a crafted VP5 or VP6 stream. Las funciones (1) av_image_fill_pointers, (2) vp5_parse_coeff, y (3) vp6_parse_coeff en FFmpeg v0.5.x anterior a v0.5.7, v0.6.x anterior a v0.6.4, v0... • http://ffmpeg.org • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 2%CPEs: 40EXPL: 0CVE-2011-3945 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-3945
20 Aug 2012 — The decode_frame function in the KVG1 decoder (kgv1dec.c) in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted media file. La función decode_frame en el decodificador KVG1 (kgv1dec.c) en libavcodec en FFmpeg v0.7.x anterior a v0.7.12 y v0.8.x anterior a v0.8.11, y en Libav v0.5.x anterio... • http://ffmpeg.org • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 1%CPEs: 33EXPL: 0CVE-2011-3940 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-3940
20 Aug 2012 — nsvdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (out-of-bounds read and write) via a crafted NSV file that triggers "use of uninitialized streams." nsvdec.c en libavcodec de FFmpeg en v0.7.x antes de v0.7.12 y v0.8.x antes de v0.8.11, y en Libav v0.5.x antes de v0.5.9, v0.6.x antes de v0.6.6, v0.7.x antes de v0.7.5 y v0.8.x antes ... • http://ffmpeg.org • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 2%CPEs: 38EXPL: 0CVE-2012-0851
https://notcve.org/view.php?id=CVE-2012-0851
20 Aug 2012 — The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted H.264 file, related to the chroma_format_idc value. La función ff_h264_decode_seq_parameter_set en h264_ps.c en libavcodec en FFmpeg antes de v0.9.1 y en Libav v0.5.x antes de v0.5.9, v0.6.x antes ... • http://ffmpeg.org/security.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 2%CPEs: 38EXPL: 0CVE-2012-0852
https://notcve.org/view.php?id=CVE-2012-0852
20 Aug 2012 — The adpcm_decode_frame function in adpcm.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an ADPCM file with the number of channels not equal to two. La función adpcm_decode_frame en adpcm.c en libavcodec de FFmpeg antes en v0.9.1 y v0.5.x antes en Libav v0.5.9, v0.6.x antes de v0.6.6, v0.7.x antes de v0.7.6, y ... • http://ffmpeg.org/security.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 2%CPEs: 33EXPL: 0CVE-2012-0858
https://notcve.org/view.php?id=CVE-2012-0858
20 Aug 2012 — The Shorten codec (shorten.c) in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Shorten file, related to an "invalid free". El codec Shorten (shorten.c) en libavcodec de FFmpeg en v0.7.x antes de v0.7.12 y v0.8.x antes de v0.8.11, y en Libav v0.5.x antes de v0.5.9, v0.6.x ... • http://ffmpeg.org • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 2%CPEs: 33EXPL: 0CVE-2011-3929 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-3929
20 Aug 2012 — The avpriv_dv_produce_packet function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly execute arbitrary code via a crafted DV file. La función avpriv_dv_produce_packet en libavcodec de FFmpeg v0.7.x antes de v0.7.12 y y v0.8.x antes de v0.8.11 en Libav v0.5.x antes de v0.5.9, v0.6... • http://ffmpeg.org • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 3%CPEs: 33EXPL: 0CVE-2011-3947 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-3947
20 Aug 2012 — Buffer overflow in mjpegbdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MJPEG-B file. Un desbordamiento de búfer en mjpegbdec.c en libavcodec en FFmpeg v0.7.x antes de v0.7.12 y v0.8.x antes de v0.8.11, y en Libav v0.5.x antes de v0.5.9, v0.6.x antes de v0.6.6, v0.7.x antes d... • http://ffmpeg.org • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 62EXPL: 0CVE-2011-3952 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-3952
20 Aug 2012 — The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large palette size in a KMVC encoded file. La función decode_init en kmvc.c en libavcodec de FFmpeg antes de v0.10 y en Libav v0.5.x antes de v0.5.9, v0.6.x antes de v0.6.6, v0.7.x antes de v0.7.6, y v0.8.x antes de v0.8.1 permite... • http://ffmpeg.org • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 1%CPEs: 41EXPL: 0CVE-2011-3936 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-3936
20 Aug 2012 — The dv_extract_audio function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted DV file. La función dv_extract_audio en libavcodec de FFmpeg en v0.7.x antes de v0.7.12 y v0.8.x antes de y v0.8.11 y en Libav v0.5.x antes de v0.5.9, v0.6.x antes de v0.6.6, v0.7.x antes de v0.7.5 y v0.8.x a... • http://ffmpeg.org • CWE-20: Improper Input Validation •