
CVE-2012-2789 – Gentoo Linux Security Advisory 201406-28
https://notcve.org/view.php?id=CVE-2012-2789
10 Sep 2012 — Unspecified vulnerability in the avi_read_packet function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to a large number of vector coded coefficients (num_vec_coeffs). Una vulnerabilidad no especificada en la función avi_read_packet en libavformat/avidec.c en FFmpeg antes de v0.11 tiene un impacto y vectores de ataque desconocidos. Se trata de un problema relacionado con un número demasiado grande de coefic... • http://ffmpeg.org/security.html •

CVE-2011-3952 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-3952
14 Jun 2012 — The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large palette size in a KMVC encoded file. La función decode_init en kmvc.c en libavcodec de FFmpeg antes de v0.10 y en Libav v0.5.x antes de v0.5.9, v0.6.x antes de v0.6.6, v0.7.x antes de v0.7.6, y v0.8.x antes de v0.8.1 permite... • http://ffmpeg.org • CWE-20: Improper Input Validation •

CVE-2011-3937 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-3937
15 May 2012 — The H.263 codec (libavcodec/h263dec.c) in FFmpeg 0.7.x before 0.7.12, 0.8.x before 0.8.11, and unspecified versions before 0.10, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 has unspecified impact and attack vectors related to "width/height changing with frame threads." El codificador-decodificador H.263 (libavcodec/h263dec.c) en FFmpeg versión 0.7.x anterior a 0.7.12, versión 0.8.x anterior a 0.8.11, y versiones no específicas anterior a 0.10, y en Libav v... • http://ffmpeg.org/security.html •

CVE-2011-3362 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-3362
19 Sep 2011 — Integer signedness error in the decode_residual_block function in cavsdec.c in libavcodec in FFmpeg before 0.7.3 and 0.8.x before 0.8.2, and libav through 0.7.1, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Chinese AVS video (aka CAVS) file. Error de signo de entero en la función decode_residual_block en cavsdec.c en libavcodec de FFmpeg antes de v0.7.3 y en v0.8.x antes de v0.8.2, y v0.7.1 a través de libav, ... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=91d5da9321c52e8197fb14046ebb335f3e6ff4a0 • CWE-189: Numeric Errors •

CVE-2011-1931 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-1931
07 Jul 2011 — sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file. sp5xdec.c en el decodificador Sunplus SP5X JPEG en libavcodec en FFmpeg antes de v0.6.3 y libav hasta v0.6.2, tal y como ... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624339 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •