Page 6 of 257 results (0.011 seconds)

CVSS: 9.8EPSS: 6%CPEs: 14EXPL: 0

09 Feb 2017 — Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check chunk size. Desbordamiento de búfer basado en memoria dinámica en ffserver.c en FFmpeg en versiones anteriores a 2.8.10, 3.0.x en versiones anteriores a 3.0.5, 3.1.x en versiones anteriores a 3.1.6 y 3.2.x en versiones anteriores a 3.2.2 permite a atacantes remotos ejecutar código arbitrario aprovecha... • http://www.openwall.com/lists/oss-security/2017/01/31/12 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0

23 Jan 2017 — Integer overflow in the mov_build_index function in libavformat/mov.c in FFmpeg before 2.8.8, 3.0.x before 3.0.3 and 3.1.x before 3.1.1 allows remote attackers to have unspecified impact via vectors involving sample size. Desbordamiento de entero en la función mov_build_index en libavformat/mov.c en FFmpeg en versiones anteriores a 2.8.8, 3.0.x en versiones anteriores a 3.0.3 y 3.1.x en versiones anteriores a 3.1.1 permite a atacantes remotos tener un impacto no especificado a través de vectores que implica... • http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit%3Bh=8a3221cc67a516dfc1700bdae3566ec52c7ee823 • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

23 Dec 2016 — The cavs_idct8_add_c function in libavcodec/cavsdsp.c in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when decoding with cavs_decode. La función cavs_idct8_add_c en libavcodec/cavsdsp.c en FFmpeg en versioenes anteriores a 3.1.4 es vulnerable a una lectura de memoria fuera de límites cuando decodifica cavs_decode. Multiple vulnerabilities have been found in FFmpeg, the worst of which may allow remote attackers to cause a Denial of Service condition. Versions less than 2.8.10 are affecte... • http://www.openwall.com/lists/oss-security/2016/10/08/1 • CWE-125: Out-of-bounds Read •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

23 Dec 2016 — The avi_read_seek function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (assert fault) via a crafted AVI file. La función avi_read_seek en libavformat/avidec.c en FFmpeg en versiones anteriores a 3.1.4 permite a atacantes remotos provocar una denegación de servicio (fallo de asertividad) a través de un archivo AVI manipulado. Multiple vulnerabilities have been found in FFmpeg, the worst of which may allow remote attackers to cause a Denial of Service co... • http://www.openwall.com/lists/oss-security/2016/10/08/1 • CWE-20: Improper Input Validation •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

23 Dec 2016 — The read_gab2_sub function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (NULL pointer used) via a crafted AVI file. La función read_gab2_sub function en libavformat/avidec.c en FFmpeg en versiones anteriores a 3.1.4 permite a atacantes remotos provocar una denegación de servicio (puntero NULL utilizado) a través de un archivo AVI manipulado. Multiple vulnerabilities have been found in FFmpeg, the worst of which may allow remote attackers to cause a Deni... • http://www.openwall.com/lists/oss-security/2016/10/08/1 • CWE-476: NULL Pointer Dereference •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

23 Dec 2016 — The zlib_refill function in libavformat/swfdec.c in FFmpeg before 3.1.3 allows remote attackers to cause an infinite loop denial of service via a crafted SWF file. La función zlib_refill en libavformat/swfdec.c en FFmpeg en versiones anteriroes a 3.1.3 permite a atacantes remotos provocar una denegación de servicio de bucle infinito a través de un archivo manipulado SWF. • http://www.openwall.com/lists/oss-security/2016/09/26/6 • CWE-399: Resource Management Errors •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

23 Dec 2016 — The avi_read_nikon function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to infinite loop when it decodes an AVI file that has a crafted 'nctg' structure. La función avi_read_nikon en libavformat/avidec.c en FFmpeg en versiones anteriores a 3.1.4 es vulnerable al bucle infinito cuando decodifica un archivo AVI que tiene una estructura 'nctg' manipulada. Multiple vulnerabilities have been found in FFmpeg, the worst of which may allow remote attackers to cause a Denial of Service condition. Ve... • http://www.openwall.com/lists/oss-security/2016/10/08/1 • CWE-399: Resource Management Errors •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

23 Dec 2016 — The ff_log2_16bit_c function in libavutil/intmath.h in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when it decodes a malformed AIFF file. La función ff_log2_16bit_c en libavutil/intmath.h en FFmpeg en versiones anteriores a 3.1.4 es vulnerable a una lectura de memoria fuera de límites cuando codifica un archivo AIFF malformado. Multiple vulnerabilities have been found in FFmpeg, the worst of which may allow remote attackers to cause a Denial of Service condition. Versions less than 2.8... • http://www.openwall.com/lists/oss-security/2016/10/08/1 • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

23 Dec 2016 — The raw_decode function in libavcodec/rawdec.c in FFmpeg before 3.1.2 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted SWF file. La función raw_decode en libavcodec/rawdec.c en FFmpeg en versiones anteriores a 3.1.2 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o ejecutar un código arbitrario a través del archivo manipulado SWF. • http://www.openwall.com/lists/oss-security/2016/08/12/6 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

23 Dec 2016 — The avi_read_header function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to memory leak when decoding an AVI file that has a crafted "strh" structure. La función avi_read_header en libavformat/avidec.c en FFmpeg en versiones anteriores a 3.1.4 es vulnerable a una perdida de memoria cuando decodifica un archivo AVI que tiene uns estructura "strh" manipulada. Multiple vulnerabilities have been found in FFmpeg, the worst of which may allow remote attackers to cause a Denial of Service conditio... • http://www.openwall.com/lists/oss-security/2016/10/08/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •