Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): .avi
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2021-25803 |
A buffer overflow vulnerability in the vlc_input_attachment_New component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file. Published: July 26, 2021; 1:15:07 PM -0400 |
V3.1: 7.1 HIGH V2.0: 5.8 MEDIUM |
CVE-2021-25802 |
A buffer overflow vulnerability in the AVI_ExtractSubtitle component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file. Published: July 26, 2021; 1:15:07 PM -0400 |
V3.1: 7.1 HIGH V2.0: 5.8 MEDIUM |
CVE-2021-25801 |
A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file. Published: July 26, 2021; 1:15:07 PM -0400 |
V3.1: 7.1 HIGH V2.0: 5.8 MEDIUM |
CVE-2013-7185 |
PotPlayer 1.5.40688: .avi File Memory Corruption Published: January 14, 2020; 10:15:12 AM -0500 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-18233 |
An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .avi file. Published: March 15, 2018; 3:29:00 PM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-2327 |
libavcodec/pngenc.c in FFmpeg before 2.8.5 uses incorrect line sizes in certain row calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .avi file, related to the apng_encode_frame and encode_apng functions. Published: February 12, 2016; 12:59:01 AM -0500 |
V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2014-3735 |
ir41_32.ax 4.51.16.3 for Intel Indeo Video 4.5 allows remote attackers to cause a denial of service (crash) via a crafted .avi file. Published: May 19, 2014; 10:55:12 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2010-5261 |
Untrusted search path vulnerability in SnowFox Total Video Converter 2.5.1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .avi file. NOTE: some of these details are obtained from third party information. Published: September 07, 2012; 6:32:22 AM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2010-5231 |
Untrusted search path vulnerability in DivX Player 7.2.019 allows local users to gain privileges via a Trojan horse VersionCheckDLL.dll file in the current working directory, as demonstrated by a directory that contains a .avi file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Published: September 07, 2012; 6:32:19 AM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2010-5228 |
Untrusted search path vulnerability in RealPlayer SP 1.1.5 12.0.0.879 allows local users to gain privileges via a Trojan horse rio500.dll file in the current working directory, as demonstrated by a directory that contains a .avi file. NOTE: some of these details are obtained from third party information. Published: September 07, 2012; 6:32:19 AM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2010-3138 |
Untrusted search path vulnerability in the Indeo Codec in iac25_32.ax in Microsoft Windows XP SP3 allows local users to gain privileges via a Trojan horse iacenc.dll file in the current working directory, as demonstrated by access through BS.Player or Media Player Classic to a directory that contains a .avi, .mka, .ra, or .ram file, aka "Indeo Codec Insecure Library Loading Vulnerability." NOTE: some of these details are obtained from third party information. Published: August 27, 2010; 3:00:01 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2010-1042 |
Microsoft Windows Media Player 11 does not properly perform colorspace conversion, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .AVI file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Published: March 22, 2010; 8:53:22 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2007-4938 |
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value. Published: September 18, 2007; 3:17:00 PM -0400 |
V3.x:(not available) V2.0: 7.6 HIGH |
CVE-2007-4939 |
Heap-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with an "indx truck size" of 0xffffffff, and certain wLongsPerEntry and nEntriesInuse values. Published: September 18, 2007; 3:17:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-4940 |
Multiple integer overflows in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values. Published: September 18, 2007; 3:17:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-4941 |
KMPlayer 2.9.3.1210 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a .avi file with certain large "indx truck size" and nEntriesInuse values. Published: September 18, 2007; 3:17:00 PM -0400 |
V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2007-0562 |
Windows Explorer (explorer.exe) 6.0.2900.2180 in Microsoft Windows XP SP2 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted .avi file, which triggers the crash when the user right clicks on the file. Published: January 30, 2007; 11:28:00 AM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2005-2052 |
Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 10.5 (6.0.12.1040 through 1069), RealOne Player v1 and v2, RealPlayer 8 and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an .avi file with a modified strf structure value. Published: June 28, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.1 MEDIUM |