Search Results (Refine Search)
- CPE Product Version: cpe:/a:ffmpeg:ffmpeg:0.10.4
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2013-2495 |
The iff_read_header function in iff.c in libavformat in FFmpeg through 1.1.3 does not properly handle data sizes for Interchange File Format (IFF) data during operations involving a CMAP chunk or a video codec, which allows remote attackers to cause a denial of service (integer overflow, out-of-bounds array access, and application crash) or possibly have unspecified other impact via a crafted header. Published: March 09, 2013; 6:55:01 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2013-2277 |
The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 1.1.3 does not validate the relationship between luma depth and chroma depth, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted H.264 data. Published: February 27, 2013; 11:55:02 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2013-2276 |
The avcodec_decode_audio4 function in utils.c in libavcodec in FFmpeg before 1.1.3 does not verify the decoding state before proceeding with certain skip operations, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted audio data. Published: February 27, 2013; 11:55:02 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2013-0894 |
Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds array access) or possibly have unspecified other impact via vectors involving a zero value for a bark map size. Published: February 23, 2013; 4:55:01 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2012-2804 |
Unspecified vulnerability in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors, related to "reallocation code" and the luma height and width. Published: September 10, 2012; 6:55:04 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2012-2803 |
Double free vulnerability in the mpeg_decode_frame function in libavcodec/mpeg12.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impact and attack vectors, related to resetting the data size value. Published: September 10, 2012; 6:55:04 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2012-2802 |
Unspecified vulnerability in the ac3_decode_frame function in libavcodec/ac3dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "number of output channels" and "out of array writes." Published: September 10, 2012; 6:55:04 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2012-2801 |
Unspecified vulnerability in libavcodec/avs.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to dimensions and "out of array writes." Published: September 10, 2012; 6:55:04 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2012-2800 |
Unspecified vulnerability in the ff_ivi_process_empty_tile function in libavcodec/ivi_common.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors in which the "tile size ... mismatches parameters" and triggers "writing into a too small array." Published: September 10, 2012; 6:55:04 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2012-2799 |
Unspecified vulnerability in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the "put bit buffer when num_saved_bits is reset." Published: September 10, 2012; 6:55:04 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2012-2798 |
Unspecified vulnerability in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array write." Published: September 10, 2012; 6:55:04 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2012-2797 |
Unspecified vulnerability in the decode_frame_mp3on4 function in libavcodec/mpegaudiodec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors related to a calculation that prevents a frame from being "large enough." Published: September 10, 2012; 6:55:04 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2012-2796 |
Unspecified vulnerability in the vc1_decode_frame function in libavcodec/vc1dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to inconsistencies in "coded slice positions and interlacing" that trigger "out of array writes." Published: September 10, 2012; 6:55:03 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2012-2795 |
Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 have unknown impact and attack vectors related to (1) size of "mclms arrays," (2) "a get_bits(0) in decode_ac_filter," and (3) "too many bits in decode_channel_residues()." Published: September 10, 2012; 6:55:03 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2012-2794 |
Unspecified vulnerability in the decode_mb_info function in libavcodec/indeo5.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors in which the "allocated tile size ... mismatches parameters." Published: September 10, 2012; 6:55:03 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2012-2793 |
Unspecified vulnerability in the lag_decode_zero_run_line function in libavcodec/lagarith.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors related to "too many zeros." Published: September 10, 2012; 6:55:03 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2012-2792 |
Unspecified vulnerability in the decode_init function in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the samples per frame. Published: September 10, 2012; 6:55:03 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2012-2791 |
Multiple unspecified vulnerabilities in the (1) decode_band_hdr function in indeo4.c and (2) ff_ivi_decode_blocks function in ivi_common.c in libavcodec/ in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, have unknown impact and attack vectors, related to the "transform size." Published: September 10, 2012; 6:55:03 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2012-2790 |
Unspecified vulnerability in the read_var_block_data function in libavcodec/alsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to the "number of decoded samples in first sub-block in BGMC mode." Published: September 10, 2012; 6:55:03 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2012-2789 |
Unspecified vulnerability in the avi_read_packet function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to a large number of vector coded coefficients (num_vec_coeffs). Published: September 10, 2012; 6:55:03 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |