VYPR

libavcodec

by Libav

CVEs (9)

  • CVE-2017-17130HigDec 4, 2017
    risk 0.57cvss 8.8epss 0.02

    The ff_free_picture_tables function in libavcodec/mpegpicture.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to vc1_decode_i_blocks_adv.

  • CVE-2017-17129HigDec 4, 2017
    risk 0.57cvss 8.8epss 0.01

    The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact via a crafted file.

  • CVE-2017-11684HigJul 27, 2017
    risk 0.49cvss 7.5epss 0.02

    There is an illegal address access in the build_table function in libavcodec/bitstream.c of Libav 12.1 that will lead to remote denial of service via crafted input.

  • CVE-2017-18244MedMar 22, 2018
    risk 0.42cvss 6.5epss 0.01

    The stereo_processing function in libavcodec/aacps.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file, related to ff_ps_apply.

  • CVE-2017-18243MedMar 22, 2018
    risk 0.42cvss 6.5epss 0.01

    The unpack_parse_unit function in libavcodec/dirac_parser.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault) via a crafted file.

  • CVE-2017-18242MedMar 22, 2018
    risk 0.42cvss 6.5epss 0.01

    The apply_dependent_coupling function in libavcodec/aacdec.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file.

  • CVE-2017-1000460MedJan 3, 2018
    risk 0.42cvss 6.5epss 0.00

    In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception.

  • CVE-2017-17128MedDec 4, 2017
    risk 0.42cvss 6.5epss 0.01

    The h264_slice_init function in libavcodec/h264_slice.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted file.

  • CVE-2017-17127MedDec 4, 2017
    risk 0.42cvss 6.5epss 0.02

    The vc1_decode_frame function in libavcodec/vc1dec.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.