VYPR

Libavcodec

by FFmpeg

Source repositories

CVEs (9)

  • CVE-2017-14796HigSep 28, 2017
    risk 0.57cvss 8.8epss 0.02

    The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service (integer underflow and application crash) or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with copy_CTB_to_hv in…

  • CVE-2017-11399HigJul 17, 2017
    risk 0.51cvss 7.8epss 0.02

    Integer overflow in the ape_decode_frame function in libavcodec/apedec.c in FFmpeg 2.4 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access and application crash) or possibly have unspecified other impact via a crafted APE file.

  • CVE-2012-5361HigMar 20, 2017
    risk 0.51cvss 7.8epss 0.03

    Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted WMV file.

  • CVE-2012-2792Sep 10, 2012
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the decode_init function in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the samples per frame.

  • CVE-2012-0857Aug 20, 2012
    risk 0.00cvss epss 0.02

    Multiple buffer overflows in the get_qcx function in the J2K decoder (j2kdec.c) in libavcode in FFmpeg before 0.9.1 allow remote attackers to cause a denial of service (application crash) via unspecified vectors.

  • CVE-2011-3974Oct 2, 2011
    risk 0.00cvss epss 0.03

    Integer signedness error in the decode_residual_inter function in cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese…

  • CVE-2010-3429Sep 30, 2010
    risk 0.00cvss epss 0.04

    flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."

  • CVE-2008-4868Nov 1, 2008
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the avcodec_close function in libavcodec/utils.c in FFmpeg 0.4.9 before r14787, as used by MPlayer, has unknown impact and attack vectors, related to a free "on random pointers."

  • CVE-2005-4048Dec 7, 2005
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG…

VYPR — Vulnerability Intelligence