Filtered by vendor Ffmpeg Subscriptions
Filtered by product Ffmpeg Subscriptions
Total 444 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2011-3950 1 Ffmpeg 1 Ffmpeg 2024-11-21 N/A
The dirac_decode_data_unit function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via a crafted value in the reference pictures number.
CVE-2011-3949 1 Ffmpeg 1 Ffmpeg 2024-11-21 N/A
The dirac_unpack_idwt_params function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Dirac data.
CVE-2011-3947 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2024-11-21 N/A
Buffer overflow in mjpegbdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MJPEG-B file.
CVE-2011-3946 1 Ffmpeg 1 Ffmpeg 2024-11-21 N/A
The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Supplemental enhancement information (SEI) data, which triggers an infinite loop.
CVE-2011-3945 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2024-11-21 N/A
The decode_frame function in the KVG1 decoder (kgv1dec.c) in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted media file.
CVE-2011-3944 1 Ffmpeg 1 Ffmpeg 2024-11-21 N/A
The smacker_decode_header_tree function in libavcodec/smacker.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Smacker data.
CVE-2011-3941 1 Ffmpeg 1 Ffmpeg 2024-11-21 N/A
The decode_mb function in libavcodec/error_resilience.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via vectors related to an uninitialized block index, which triggers an out-of-bounds write.
CVE-2011-3940 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2024-11-21 N/A
nsvdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (out-of-bounds read and write) via a crafted NSV file that triggers "use of uninitialized streams."
CVE-2011-3937 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2024-11-21 N/A
The H.263 codec (libavcodec/h263dec.c) in FFmpeg 0.7.x before 0.7.12, 0.8.x before 0.8.11, and unspecified versions before 0.10, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 has unspecified impact and attack vectors related to "width/height changing with frame threads."
CVE-2011-3936 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2024-11-21 N/A
The dv_extract_audio function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted DV file.
CVE-2011-3935 1 Ffmpeg 1 Ffmpeg 2024-11-21 N/A
The codec_get_buffer function in ffmpeg.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via vectors related to a crafted image size.
CVE-2011-3934 1 Ffmpeg 1 Ffmpeg 2024-11-21 N/A
Double free vulnerability in the vp3_update_thread_context function in libavcodec/vp3.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted vp3 data.
CVE-2011-3929 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2024-11-21 N/A
The avpriv_dv_produce_packet function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly execute arbitrary code via a crafted DV file.
CVE-2011-3504 1 Ffmpeg 1 Ffmpeg 2024-11-21 N/A
The Matroska format decoder in FFmpeg before 0.8.3 does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file.
CVE-2011-3362 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2024-11-21 N/A
Integer signedness error in the decode_residual_block function in cavsdec.c in libavcodec in FFmpeg before 0.7.3 and 0.8.x before 0.8.2, and libav through 0.7.1, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Chinese AVS video (aka CAVS) file.
CVE-2011-2162 3 Ffmpeg, Mandriva, Mplayerhq 5 Ffmpeg, Corporate Server, Enterprise Server and 2 more 2024-11-21 N/A
Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues "originally discovered by Google Chrome developers."
CVE-2011-2161 1 Ffmpeg 1 Ffmpeg 2024-11-21 N/A
The ape_read_header function in ape.c in libavformat in FFmpeg before 0.5.4, as used in MPlayer, VideoLAN VLC media player, and other products, allows remote attackers to cause a denial of service (application crash) via an APE (aka Monkey's Audio) file that contains a header but no frames.
CVE-2011-2160 2 Ffmpeg, Mplayerhq 2 Ffmpeg, Mplayer 2024-11-21 N/A
The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-2011-0723.
CVE-2011-1931 3 Ffmpeg, Libav, Videolan 4 Ffmpeg, Libavcodec, Libav and 1 more 2024-11-21 N/A
sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file.
CVE-2011-0723 2 Ffmpeg, Mplayer 2 Ffmpeg, Mplayer 2024-11-21 N/A
FFmpeg 0.5.x, as used in MPlayer and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed VC-1 file.