Vulnerabilities > Ffmpeg > Ffmpeg > 0.10.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-12-09 | CVE-2013-7019 | Improper Input Validation vulnerability in Ffmpeg The get_cox function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not properly validate the reduction factor, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | 6.8 |
2013-12-09 | CVE-2013-7018 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the use of valid code-block dimension values, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | 6.8 |
2013-12-09 | CVE-2013-7017 | Unspecified vulnerability in Ffmpeg libavcodec/jpeg2000.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via crafted JPEG2000 data. network ffmpeg | 6.8 |
2013-12-09 | CVE-2013-7016 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the expected sample separation, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | 6.8 |
2013-12-09 | CVE-2013-7015 | Improper Input Validation vulnerability in Ffmpeg The flashsv_decode_frame function in libavcodec/flashsv.c in FFmpeg before 2.1 does not properly validate a certain height value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Flash Screen Video data. | 6.8 |
2013-12-09 | CVE-2013-7013 | Numeric Errors vulnerability in Ffmpeg The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 uses an incorrect ordering of arithmetic operations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Go2Webinar data. | 6.8 |
2013-12-09 | CVE-2013-7012 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not prevent attempts to use non-zero image offsets, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | 6.8 |
2013-12-09 | CVE-2013-7011 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not prevent changes to global parameters, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted FFV1 data. | 6.8 |
2013-12-09 | CVE-2013-7009 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Apple RPZA data. | 6.8 |
2013-12-09 | CVE-2013-7008 | Unspecified vulnerability in Ffmpeg The decode_slice_header function in libavcodec/h264.c in FFmpeg before 2.1 incorrectly relies on a certain droppable field, which allows remote attackers to cause a denial of service (deadlock) or possibly have unspecified other impact via crafted H.264 data. network ffmpeg | 6.8 |