CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7450 – Gentoo Linux Security Advisory 201701-71
https://notcve.org/view.php?id=CVE-2016-7450
23 Dec 2016 — The ff_log2_16bit_c function in libavutil/intmath.h in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when it decodes a malformed AIFF file. La función ff_log2_16bit_c en libavutil/intmath.h en FFmpeg en versiones anteriores a 3.1.4 es vulnerable a una lectura de memoria fuera de límites cuando codifica un archivo AIFF malformado. Multiple vulnerabilities have been found in FFmpeg, the worst of which may allow remote attackers to cause a Denial of Service condition. Versions less than 2.8... • http://www.openwall.com/lists/oss-security/2016/10/08/1 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7502 – Gentoo Linux Security Advisory 201701-71
https://notcve.org/view.php?id=CVE-2016-7502
23 Dec 2016 — The cavs_idct8_add_c function in libavcodec/cavsdsp.c in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when decoding with cavs_decode. La función cavs_idct8_add_c en libavcodec/cavsdsp.c en FFmpeg en versioenes anteriores a 3.1.4 es vulnerable a una lectura de memoria fuera de límites cuando decodifica cavs_decode. Multiple vulnerabilities have been found in FFmpeg, the worst of which may allow remote attackers to cause a Denial of Service condition. Versions less than 2.8.10 are affecte... • http://www.openwall.com/lists/oss-security/2016/10/08/1 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7555 – Gentoo Linux Security Advisory 201701-71
https://notcve.org/view.php?id=CVE-2016-7555
23 Dec 2016 — The avi_read_header function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to memory leak when decoding an AVI file that has a crafted "strh" structure. La función avi_read_header en libavformat/avidec.c en FFmpeg en versiones anteriores a 3.1.4 es vulnerable a una perdida de memoria cuando decodifica un archivo AVI que tiene uns estructura "strh" manipulada. Multiple vulnerabilities have been found in FFmpeg, the worst of which may allow remote attackers to cause a Denial of Service conditio... • http://www.openwall.com/lists/oss-security/2016/10/08/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7562 – Gentoo Linux Security Advisory 201701-71
https://notcve.org/view.php?id=CVE-2016-7562
23 Dec 2016 — The ff_draw_pc_font function in libavcodec/cga_data.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (buffer overflow) via a crafted AVI file. La función ff_draw_pc_font en libavcodec/cga_data.c en FFmpeg en versiones anteriores a 3.1.4 permite a atacantes remotos provocar una denegación de servicio (desbordamiento de búfer) a través de un archivo AVI manipulado. Multiple vulnerabilities have been found in FFmpeg, the worst of which may allow remote attackers to cause a Denial o... • http://www.openwall.com/lists/oss-security/2016/10/08/1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7122 – Gentoo Linux Security Advisory 201701-71
https://notcve.org/view.php?id=CVE-2016-7122
23 Dec 2016 — The avi_read_nikon function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to infinite loop when it decodes an AVI file that has a crafted 'nctg' structure. La función avi_read_nikon en libavformat/avidec.c en FFmpeg en versiones anteriores a 3.1.4 es vulnerable al bucle infinito cuando decodifica un archivo AVI que tiene una estructura 'nctg' manipulada. Multiple vulnerabilities have been found in FFmpeg, the worst of which may allow remote attackers to cause a Denial of Service condition. Ve... • http://www.openwall.com/lists/oss-security/2016/10/08/1 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9561
https://notcve.org/view.php?id=CVE-2016-9561
23 Dec 2016 — The che_configure function in libavcodec/aacdec_template.c in FFmpeg before 3.2.1 allows remote attackers to cause a denial of service (allocation of huge memory, and being killed by the OS) via a crafted MOV file. La función che_configure en libavcodec/aacdec_template.c en FFmpeg en versiones anteriores a 3.2.1 permite a atacantes remotos provocar una denegación de servicio (gran asignación de memoria y siendo aniquilado por el SO) a través de un archivo MOV manipulado. • http://www.openwall.com/lists/oss-security/2016/12/08/1 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 5%CPEs: 5EXPL: 0CVE-2005-4048
https://notcve.org/view.php?id=CVE-2005-4048
07 Dec 2005 — Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes. • http://article.gmane.org/gmane.comp.video.ffmpeg.devel/26558 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •