VYPR

Ffmpeg

by FFmpeg

Source repositories

CVEs (507)

  • CVE-2013-2277Feb 27, 2013
    risk 0.00cvss epss 0.02

    The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 1.1.3 does not validate the relationship between luma depth and chroma depth, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash)…

  • CVE-2013-2276Feb 27, 2013
    risk 0.00cvss epss 0.01

    The avcodec_decode_audio4 function in utils.c in libavcodec in FFmpeg before 1.1.3 does not verify the decoding state before proceeding with certain skip operations, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or…

  • CVE-2013-0894Feb 23, 2013
    risk 0.00cvss epss 0.02

    Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote…

  • CVE-2011-3937Jan 5, 2013
    risk 0.00cvss epss 0.02

    The H.263 codec (libavcodec/h263dec.c) in FFmpeg 0.7.x before 0.7.12, 0.8.x before 0.8.11, and unspecified versions before 0.10, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 has unspecified impact and attack vectors related to…

  • CVE-2012-2882Sep 26, 2012
    risk 0.00cvss epss 0.02

    FFmpeg, as used in Google Chrome before 22.0.1229.79, does not properly handle OGG containers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "wild pointer" issue.

  • CVE-2012-2804Sep 10, 2012
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors, related to "reallocation code" and the luma height and width.

  • CVE-2012-2803Sep 10, 2012
    risk 0.00cvss epss 0.03

    Double free vulnerability in the mpeg_decode_frame function in libavcodec/mpeg12.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impact and attack vectors, related to resetting the data size value.

  • CVE-2012-2802Sep 10, 2012
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the ac3_decode_frame function in libavcodec/ac3dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "number of output channels" and "out of array writes."

  • CVE-2012-2801Sep 10, 2012
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in libavcodec/avs.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to dimensions and "out of array writes."

  • CVE-2012-2800Sep 10, 2012
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the ff_ivi_process_empty_tile function in libavcodec/ivi_common.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors in which the "tile size ... mismatches parameters" and triggers…

  • CVE-2012-2799Sep 10, 2012
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the "put bit buffer when num_saved_bits is reset."

  • CVE-2012-2798Sep 10, 2012
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array write."

  • CVE-2012-2797Sep 10, 2012
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the decode_frame_mp3on4 function in libavcodec/mpegaudiodec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors related to a calculation that prevents a frame from being "large enough."

  • CVE-2012-2796Sep 10, 2012
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the vc1_decode_frame function in libavcodec/vc1dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to inconsistencies in "coded slice positions and interlacing" that trigger "out of array writes."

  • CVE-2012-2795Sep 10, 2012
    risk 0.00cvss epss 0.03

    Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 have unknown impact and attack vectors related to (1) size of "mclms arrays," (2) "a get_bits(0) in decode_ac_filter," and (3) "too many bits in decode_channel_residues()."

  • CVE-2012-2794Sep 10, 2012
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the decode_mb_info function in libavcodec/indeo5.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors in which the "allocated tile size ... mismatches parameters."

  • CVE-2012-2793Sep 10, 2012
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the lag_decode_zero_run_line function in libavcodec/lagarith.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors related to "too many zeros."

  • CVE-2012-2792Sep 10, 2012
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the decode_init function in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the samples per frame.

  • CVE-2012-2791Sep 10, 2012
    risk 0.00cvss epss 0.03

    Multiple unspecified vulnerabilities in the (1) decode_band_hdr function in indeo4.c and (2) ff_ivi_decode_blocks function in ivi_common.c in libavcodec/ in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, have unknown impact and attack vectors, related…

  • CVE-2012-2790Sep 10, 2012
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the read_var_block_data function in libavcodec/alsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to the "number of decoded samples in first sub-block in BGMC mode."

Page 22 of 26