Vendor CVEs
FFmpeg
All CVEs
510 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-4632 | 0.00 | — | 0.02 | Feb 10, 2010 | oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read. | |||
| CVE-2009-4631 | 0.00 | — | 0.05 | Feb 10, 2010 | Off-by-one error in the VP3 decoder (vp3.c) in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file that triggers an out-of-bounds read and possibly memory corruption. | |||
| CVE-2008-4869 | 0.00 | — | 0.02 | Nov 1, 2008 | FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers to cause a denial of service (memory consumption) via unknown vectors, aka a "Tcp/udp memory leak." | |||
| CVE-2008-4868 | 0.00 | — | 0.02 | Nov 1, 2008 | Unspecified vulnerability in the avcodec_close function in libavcodec/utils.c in FFmpeg 0.4.9 before r14787, as used by MPlayer, has unknown impact and attack vectors, related to a free "on random pointers." | |||
| CVE-2008-4867 | 0.00 | — | 0.02 | Nov 1, 2008 | Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as used by MPlayer, allows context-dependent attackers to have an unknown impact via vectors related to an incorrect DCA_MAX_FRAME_SIZE value. | |||
| CVE-2008-4866 | 0.00 | — | 0.05 | Nov 1, 2008 | Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 before r14715, as used by MPlayer, allow context-dependent attackers to have an unknown impact via vectors related to execution of DTS generation code with a delay greater than MAX_REORDER_DELAY. | |||
| CVE-2008-3230 | 0.00 | — | 0.00 | Jul 18, 2008 | The ffmpeg lavf demuxer allows user-assisted attackers to cause a denial of service (application crash) via a crafted GIF file, possibly related to gstreamer, as demonstrated by lol-giftopnm.gif. | |||
| CVE-2006-4800 | 0.00 | — | 0.05 | Sep 14, 2006 | Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c,… | |||
| CVE-2006-4799 | 0.00 | — | 0.03 | Sep 14, 2006 | Buffer overflow in ffmpeg for xine-lib before 1.1.2 might allow context-dependent attackers to execute arbitrary code via a crafted AVI file and "bad indexes", a different vulnerability than CVE-2005-4048 and CVE-2006-2802. | |||
| CVE-2005-4048 | 0.00 | — | 0.05 | Dec 7, 2005 | Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG… |
- CVE-2009-4632Feb 10, 2010risk 0.00cvss —epss 0.02
oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read.
- CVE-2009-4631Feb 10, 2010risk 0.00cvss —epss 0.05
Off-by-one error in the VP3 decoder (vp3.c) in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file that triggers an out-of-bounds read and possibly memory corruption.
- CVE-2008-4869Nov 1, 2008risk 0.00cvss —epss 0.02
FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers to cause a denial of service (memory consumption) via unknown vectors, aka a "Tcp/udp memory leak."
- CVE-2008-4868Nov 1, 2008risk 0.00cvss —epss 0.02
Unspecified vulnerability in the avcodec_close function in libavcodec/utils.c in FFmpeg 0.4.9 before r14787, as used by MPlayer, has unknown impact and attack vectors, related to a free "on random pointers."
- CVE-2008-4867Nov 1, 2008risk 0.00cvss —epss 0.02
Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as used by MPlayer, allows context-dependent attackers to have an unknown impact via vectors related to an incorrect DCA_MAX_FRAME_SIZE value.
- CVE-2008-4866Nov 1, 2008risk 0.00cvss —epss 0.05
Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 before r14715, as used by MPlayer, allow context-dependent attackers to have an unknown impact via vectors related to execution of DTS generation code with a delay greater than MAX_REORDER_DELAY.
- CVE-2008-3230Jul 18, 2008risk 0.00cvss —epss 0.00
The ffmpeg lavf demuxer allows user-assisted attackers to cause a denial of service (application crash) via a crafted GIF file, possibly related to gstreamer, as demonstrated by lol-giftopnm.gif.
- CVE-2006-4800Sep 14, 2006risk 0.00cvss —epss 0.05
Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c,…
- CVE-2006-4799Sep 14, 2006risk 0.00cvss —epss 0.03
Buffer overflow in ffmpeg for xine-lib before 1.1.2 might allow context-dependent attackers to execute arbitrary code via a crafted AVI file and "bad indexes", a different vulnerability than CVE-2005-4048 and CVE-2006-2802.
- CVE-2005-4048Dec 7, 2005risk 0.00cvss —epss 0.05
Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG…
Page 11 of 11