CVSS: 10.0EPSS: 0%CPEs: 69EXPL: 0CVE-2012-2803 – Gentoo Linux Security Advisory 201406-28
https://notcve.org/view.php?id=CVE-2012-2803
10 Sep 2012 — Double free vulnerability in the mpeg_decode_frame function in libavcodec/mpeg12.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impact and attack vectors, related to resetting the data size value. Una vulnerabilidad de doble liberación en la función mpeg_decode_frame de libavcodec/mpeg12.c en FFmpeg antes de v0.11 tiene un impacto y vectores de ataque desconocidos. Se trata de un problema relacionado con el cambio del valor del tamaño de los datos It was discovered... • http://ffmpeg.org/security.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 0%CPEs: 60EXPL: 0CVE-2012-2804 – Gentoo Linux Security Advisory 201406-28
https://notcve.org/view.php?id=CVE-2012-2804
10 Sep 2012 — Unspecified vulnerability in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors, related to "reallocation code" and the luma height and width. Una vulnerabilidad no especificada en libavcodec/indeo3.c en FFmpeg antes de v0.11 tiene un impacto y vectores de ataque desconocidos, relacionados con una "reasignación de código" y la altura y anchura del plano 'luma' o de luminancia. It was discovered that Libav incorrectly handled certain malformed media f... • http://ffmpeg.org/security.html •
CVSS: 8.8EPSS: 2%CPEs: 38EXPL: 0CVE-2012-0852 – Gentoo Linux Security Advisory 201210-06
https://notcve.org/view.php?id=CVE-2012-0852
14 Jun 2012 — The adpcm_decode_frame function in adpcm.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an ADPCM file with the number of channels not equal to two. La función adpcm_decode_frame en adpcm.c en libavcodec de FFmpeg antes en v0.9.1 y v0.5.x antes en Libav v0.5.9, v0.6.x antes de v0.6.6, v0.7.x antes de v0.7.6, y ... • http://ffmpeg.org/security.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 2%CPEs: 37EXPL: 0CVE-2011-3951 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-3951
14 Jun 2012 — The dpcm_decode_frame function in dpcm.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted stereo stream in a media file. La función dpcm_decode_frame en dpcm.c en libavcodec de FFmpeg antes de v0.10 y en Libav v0.5.x antes de v0.5.9, v0.6.x antes de v0.6.6, v0.7.x antes de v0.7.6 y v0.8.x antes de v0.8.1 ... • http://ffmpeg.org • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 62EXPL: 0CVE-2011-3952 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-3952
14 Jun 2012 — The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large palette size in a KMVC encoded file. La función decode_init en kmvc.c en libavcodec de FFmpeg antes de v0.10 y en Libav v0.5.x antes de v0.5.9, v0.6.x antes de v0.6.6, v0.7.x antes de v0.7.6, y v0.8.x antes de v0.8.1 permite... • http://ffmpeg.org • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 2%CPEs: 38EXPL: 0CVE-2012-0851 – Gentoo Linux Security Advisory 201210-06
https://notcve.org/view.php?id=CVE-2012-0851
14 Jun 2012 — The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted H.264 file, related to the chroma_format_idc value. La función ff_h264_decode_seq_parameter_set en h264_ps.c en libavcodec en FFmpeg antes de v0.9.1 y en Libav v0.5.x antes de v0.5.9, v0.6.x antes ... • http://ffmpeg.org/security.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 2%CPEs: 33EXPL: 0CVE-2012-0858 – Gentoo Linux Security Advisory 201210-06
https://notcve.org/view.php?id=CVE-2012-0858
15 May 2012 — The Shorten codec (shorten.c) in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Shorten file, related to an "invalid free". El codec Shorten (shorten.c) en libavcodec de FFmpeg en v0.7.x antes de v0.7.12 y v0.8.x antes de v0.8.11, y en Libav v0.5.x antes de v0.5.9, v0.6.x ... • http://ffmpeg.org • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 0%CPEs: 95EXPL: 0CVE-2011-3937 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-3937
15 May 2012 — The H.263 codec (libavcodec/h263dec.c) in FFmpeg 0.7.x before 0.7.12, 0.8.x before 0.8.11, and unspecified versions before 0.10, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 has unspecified impact and attack vectors related to "width/height changing with frame threads." El codificador-decodificador H.263 (libavcodec/h263dec.c) en FFmpeg versión 0.7.x anterior a 0.7.12, versión 0.8.x anterior a 0.8.11, y versiones no específicas anterior a 0.10, y en Libav v... • http://ffmpeg.org/security.html •
CVSS: 8.8EPSS: 2%CPEs: 40EXPL: 0CVE-2011-3945 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2011-3945
15 May 2012 — The decode_frame function in the KVG1 decoder (kgv1dec.c) in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted media file. La función decode_frame en el decodificador KVG1 (kgv1dec.c) en libavcodec en FFmpeg v0.7.x anterior a v0.7.12 y v0.8.x anterior a v0.8.11, y en Libav v0.5.x anterio... • http://ffmpeg.org • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 1%CPEs: 40EXPL: 1CVE-2012-0853 – Gentoo Linux Security Advisory 201210-06
https://notcve.org/view.php?id=CVE-2012-0853
14 May 2012 — The decodeTonalComponents function in the Actrac3 codec (atrac3.c) in libavcodec in FFmpeg 0.7.x before 0.7.12, and 0.8.x before 0.8.11; and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (infinite loop and crash) and possibly execute arbitrary code via a large component count in an Atrac 3 file. La función decodeTonalComponents en el codec Actrac3 (atrac3.c) en libavcodec de FFmpeg v0.7.x antes de v0.7.12, y v... • http://ffmpeg.org/trac/ffmpeg/ticket/780 • CWE-20: Improper Input Validation •