National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:ffmpeg:ffmpeg:0.4.7
There are 251 matching records.
Displaying matches 241 through 251.
Vuln ID Summary CVSS Severity
CVE-2010-3908

FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file.

Published: May 20, 2011; 06:55:02 PM -04:00
    V2: 6.8 MEDIUM
CVE-2010-4704

libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted .ogg file, related to the vorbis_floor0_decode function. NOTE: this might overlap CVE-2011-0480.

Published: January 22, 2011; 05:00:04 PM -05:00
    V2: 4.3 MEDIUM
CVE-2010-3429

flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."

Published: September 30, 2010; 11:00:03 AM -04:00
    V2: 6.8 MEDIUM
CVE-2009-0385

Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large current_track value, which triggers a NULL pointer dereference.

Published: February 02, 2009; 02:30:00 PM -05:00
    V2: 9.3 HIGH
CVE-2008-4869

FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers to cause a denial of service (memory consumption) via unknown vectors, aka a "Tcp/udp memory leak."

Published: October 31, 2008; 08:00:01 PM -04:00
    V2: 10.0 HIGH
CVE-2008-4868

Unspecified vulnerability in the avcodec_close function in libavcodec/utils.c in FFmpeg 0.4.9 before r14787, as used by MPlayer, has unknown impact and attack vectors, related to a free "on random pointers."

Published: October 31, 2008; 08:00:01 PM -04:00
    V2: 10.0 HIGH
CVE-2008-4867

Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as used by MPlayer, allows context-dependent attackers to have an unknown impact via vectors related to an incorrect DCA_MAX_FRAME_SIZE value.

Published: October 31, 2008; 08:00:01 PM -04:00
    V2: 10.0 HIGH
CVE-2008-4866

Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 before r14715, as used by MPlayer, allow context-dependent attackers to have an unknown impact via vectors related to execution of DTS generation code with a delay greater than MAX_REORDER_DELAY.

Published: October 31, 2008; 08:00:01 PM -04:00
    V2: 10.0 HIGH
CVE-2008-3162

Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted STR file that interleaves audio and video sectors.

Published: July 14, 2008; 07:41:00 PM -04:00
    V2: 9.3 HIGH
CVE-2006-4800

Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.

Published: September 14, 2006; 06:07:00 PM -04:00
    V2: 7.5 HIGH
CVE-2005-4048

Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes.

Published: December 07, 2005; 06:03:00 AM -05:00
    V2: 7.5 HIGH