CVSS: 10.0EPSS: 0%CPEs: 69EXPL: 0CVE-2012-2803 – Gentoo Linux Security Advisory 201406-28
https://notcve.org/view.php?id=CVE-2012-2803
10 Sep 2012 — Double free vulnerability in the mpeg_decode_frame function in libavcodec/mpeg12.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impact and attack vectors, related to resetting the data size value. Una vulnerabilidad de doble liberación en la función mpeg_decode_frame de libavcodec/mpeg12.c en FFmpeg antes de v0.11 tiene un impacto y vectores de ataque desconocidos. Se trata de un problema relacionado con el cambio del valor del tamaño de los datos Multiple vulnerab... • http://ffmpeg.org/security.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 0%CPEs: 60EXPL: 0CVE-2012-2804 – Gentoo Linux Security Advisory 201406-28
https://notcve.org/view.php?id=CVE-2012-2804
10 Sep 2012 — Unspecified vulnerability in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors, related to "reallocation code" and the luma height and width. Una vulnerabilidad no especificada en libavcodec/indeo3.c en FFmpeg antes de v0.11 tiene un impacto y vectores de ataque desconocidos, relacionados con una "reasignación de código" y la altura y anchura del plano 'luma' o de luminancia. Multiple vulnerabilities were found in FFmpeg, the worst of which might en... • http://ffmpeg.org/security.html •
CVSS: 8.8EPSS: 1%CPEs: 62EXPL: 0CVE-2011-3952 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-3952
20 Aug 2012 — The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large palette size in a KMVC encoded file. La función decode_init en kmvc.c en libavcodec de FFmpeg antes de v0.10 y en Libav v0.5.x antes de v0.5.9, v0.6.x antes de v0.6.6, v0.7.x antes de v0.7.6, y v0.8.x antes de v0.8.1 permite... • http://ffmpeg.org • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 3%CPEs: 49EXPL: 0CVE-2011-3362 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-3362
02 Oct 2011 — Integer signedness error in the decode_residual_block function in cavsdec.c in libavcodec in FFmpeg before 0.7.3 and 0.8.x before 0.8.2, and libav through 0.7.1, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Chinese AVS video (aka CAVS) file. Error de signo de entero en la función decode_residual_block en cavsdec.c en libavcodec de FFmpeg antes de v0.7.3 y en v0.8.x antes de v0.8.2, y v0.7.1 a través de libav, ... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=91d5da9321c52e8197fb14046ebb335f3e6ff4a0 • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 2%CPEs: 115EXPL: 0CVE-2011-1931 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-1931
07 Jul 2011 — sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file. sp5xdec.c en el decodificador Sunplus SP5X JPEG en libavcodec en FFmpeg antes de v0.6.3 y libav hasta v0.6.2, tal y como ... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624339 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •