CVE-2009-4633
https://notcve.org/view.php?id=CVE-2009-4633
vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow. vorbis_dec.c en FFmpeg v0.5 utiliza un operador de asignación cuando el generador estaba destinado a una comparación, lo que permite a atacantes remotos producir una denegación de servicio y posiblemente ejecutar codigo arbitrario a través de un fichero manipulado que modifica el contador de bucle e inicia un desbordamiento de búfer de memoria libre. • http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html http://secunia.com/advisories/36805 http://secunia.com/advisories/38643 http://secunia.com/advisories/39482 http://www.debian.org/security/2010/dsa-2000 http://www.mandriva.com/security/advisories?name=MDVSA-2011:060 http://www.mandriva.com/security/advisories?name=MDVSA-2011:061 http://www.mandriva.com/security/advisories?name=MDVSA-2011:088 http://www.mandriva.com/security/advisories?name=MDVSA-2011:112 http • CWE-189: Numeric Errors •
CVE-2009-4632
https://notcve.org/view.php?id=CVE-2009-4632
oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read. oggparsevorbis.c en FFmpeg v0.5 no realiza correctamente cierto puntero aritmético, lo que permite a atacantes remotos obtener información de contenidos sensibles de memoria y producir una denegación de servicio a través de un fichero que inicia una lectura fuera de rango. • http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html http://secunia.com/advisories/36805 http://secunia.com/advisories/38643 http://secunia.com/advisories/39482 http://www.debian.org/security/2010/dsa-2000 http://www.mandriva.com/security/advisories?name=MDVSA-2011:060 http://www.mandriva.com/security/advisories?name=MDVSA-2011:061 http://www.mandriva.com/security/advisories?name=MDVSA-2011:088 http://www.mandriva.com/security/advisories?name=MDVSA-2011:112 http • CWE-189: Numeric Errors •
CVE-2009-4636
https://notcve.org/view.php?id=CVE-2009-4636
FFmpeg 0.5 allows remote attackers to cause a denial of service (hang) via a crafted file that triggers an infinite loop. FFmpeg v0.5 permite a atacantes remotos producir una denegación de servicio (colgado) a través de un fichero manipulado que inicia un bucle infinito. • http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html http://secunia.com/advisories/36805 http://secunia.com/advisories/38643 http://www.debian.org/security/2010/dsa-2000 http://www.mandriva.com/security/advisories?name=MDVSA-2011:061 http://www.mandriva.com/security/advisories?name=MDVSA-2011:062 http://www.mandriva.com/security/advisories?name=MDVSA-2011:088 http://www.mandriva.com/security/advisories?name=MDVSA-2011:089 http://www.mandriva.com/security/advisorie • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2009-0385
https://notcve.org/view.php?id=CVE-2009-0385
Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large current_track value, which triggers a NULL pointer dereference. Error de presencia de signo en entero en la función fourxm_read_header en libavformat/4xm.c en FFmpeg versiones anteriores a revision 16846 permite a atacantes remotos ejecutar código de su elección a través de un fichero de vídeo 4X malformado con un valor largo current_track, lo cual dispara un puntero de referencia NULL. • http://git.ffmpeg.org/?p=ffmpeg%3Ba=commitdiff%3Bh=72e715fb798f2cb79fd24a6d2eaeafb7c6eeda17 http://osvdb.org/51643 http://secunia.com/advisories/33711 http://secunia.com/advisories/34296 http://secunia.com/advisories/34385 http://secunia.com/advisories/34712 http://secunia.com/advisories/34845 http://secunia.com/advisories/34905 http://security.gentoo.org/glsa/glsa-200903-33.xml http://svn.mplayerhq.hu/ffmpeg/trunk/libavformat/4xm.c?r1=16838&r2=16846&pathrev=16846 http://svn.mplaye •
CVE-2005-4048
https://notcve.org/view.php?id=CVE-2005-4048
Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes. • http://article.gmane.org/gmane.comp.video.ffmpeg.devel/26558 http://cvs.freedesktop.org/gstreamer/gst-ffmpeg/ChangeLog?rev=1.239&view=markup http://secunia.com/advisories/17892 http://secunia.com/advisories/18066 http://secunia.com/advisories/18087 http://secunia.com/advisories/18107 http://secunia.com/advisories/18400 http://secunia.com/advisories/18739 http://secunia.com/advisories/18746 http://secunia.com/advisories/19114 http://secunia.com/advisories/19192 http://secunia • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •