Page 53 of 276 results (0.110 seconds)

CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 1

Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that (1) bypasses a validation check in vorbis_dec.c and triggers a wraparound of the stack pointer, or (2) access a pointer from out-of-bounds memory in mov.c, related to an elst tag that appears before a tag that creates a stream. Múltiples desbordamientos de entero en FFmpeg v0.5 permite a atacantes remotos producir una denegación de servicio y posiblemente ejecutar código arbitrario a través de un fichero manipulado que (1) evita la comprobación de vorbis_dec.c e inicia un cruce del puntero de la pila, o (2) un acceso a un puntero fuera del rango de la memoria en mov.c, relacionado con el tag elst que aparece antes de un tag y crea un stream. • http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html http://secunia.com/advisories/36805 http://secunia.com/advisories/38643 http://secunia.com/advisories/39482 http://www.debian.org/security/2010/dsa-2000 http://www.mandriva.com/security/advisories?name=MDVSA-2011:059 http://www.mandriva.com/security/advisories?name=MDVSA-2011:060 http://www.mandriva.com/security/advisories?name=MDVSA-2011:061 http://www.mandriva.com/security/advisories?name=MDVSA-2011:088 http&# • CWE-189: Numeric Errors •

CVSS: 4.3EPSS: 1%CPEs: 1EXPL: 1

The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) via a crafted AVI file that triggers a divide-by-zero error. La funcion av_rescale_rnd en AVI demuxer en FFmpeg v0.5 permite a atacantes remotos producir una denegación de servicio (caída) a través de un fichero AVI manipulado que inicia un error de división por cero. • http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html http://secunia.com/advisories/36805 http://secunia.com/advisories/39482 http://www.mandriva.com/security/advisories?name=MDVSA-2011:059 http://www.mandriva.com/security/advisories?name=MDVSA-2011:060 http://www.mandriva.com/security/advisories?name=MDVSA-2011:061 http://www.mandriva.com/security/advisories?name=MDVSA-2011:088 http://www.mandriva.com/security/advisories? • CWE-189: Numeric Errors •

CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 1

Off-by-one error in the VP3 decoder (vp3.c) in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file that triggers an out-of-bounds read and possibly memory corruption. Error de superación de límite (Off-by-one) en el decodificador VP3 en FFmpeg v0.5 permite a atacantes remotos producir una denegación de servicio y posiblemente ejecutar código arbitrario a través de un fichero VP3 manipulado que inicia una lectura fuera de rango y posiblemente una corrupción de memoria. • http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html http://secunia.com/advisories/36805 http://secunia.com/advisories/38643 http://www.debian.org/security/2010/dsa-2000 http://www.securityfocus.com/bid/36465 https://roundup.ffmpeg.org/roundup/ffmpeg/issue1240 https://roundup.ffmpeg.org/roundup/ffmpeg/issue1483 • CWE-189: Numeric Errors •

CVSS: 4.3EPSS: 2%CPEs: 1EXPL: 1

Array index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read. Error de indexación de array en vorbis_dec.c in FFmpeg v0.5 permite a atacantes remotos producir una denegación de servicio y posiblemente ejecutar y posiblemente ejecutar código arbitrario a través de un fichero Vorbis manipulado que inicia una lectura fuera de rango. • http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html http://secunia.com/advisories/36805 http://secunia.com/advisories/38643 http://secunia.com/advisories/39482 http://www.debian.org/security/2010/dsa-2000 http://www.mandriva.com/security/advisories?name=MDVSA-2011:060 http://www.mandriva.com/security/advisories?name=MDVSA-2011:061 http://www.mandriva.com/security/advisories?name=MDVSA-2011:088 http://www.mandriva.com/security/advisories?name=MDVSA-2011:112 http&# • CWE-189: Numeric Errors •

CVSS: 10.0EPSS: 16%CPEs: 1EXPL: 2

FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a stack-based buffer overflow. FFmpeg v0.5 permite a atacantes remotos producir una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de vectores desconocidos que inicia un desbordamiento de búfer basado en pila. • https://www.exploit-db.com/exploits/33233 http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html http://secunia.com/advisories/36805 http://secunia.com/advisories/38643 http://secunia.com/advisories/39482 http://www.debian.org/security/2010/dsa-2000 http://www.securityfocus.com/bid/36465 http://www.ubuntu.com/usn/USN-931-1 http://www.vupen.com/english/advisories/2010/0935 https://roundup.ffmpeg.org/roundup/ffmpeg/issue1240 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •