Vulnerabilities > Ffmpeg > Ffmpeg > 0.4.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-09-29 | CVE-2011-3504 | Code Injection vulnerability in Ffmpeg The Matroska format decoder in FFmpeg before 0.8.3 does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. | 9.3 |
| 2011-05-20 | CVE-2011-2162 | Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues "originally discovered by Google Chrome developers." | 10.0 |
| 2011-05-20 | CVE-2011-2161 | Resource Management Errors vulnerability in Ffmpeg The ape_read_header function in ape.c in libavformat in FFmpeg before 0.5.4, as used in MPlayer, VideoLAN VLC media player, and other products, allows remote attackers to cause a denial of service (application crash) via an APE (aka Monkey's Audio) file that contains a header but no frames. | 4.3 |
| 2011-05-20 | CVE-2011-2160 | Improper Input Validation vulnerability in multiple products The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-2011-0723. | 9.3 |
| 2011-05-20 | CVE-2011-0722 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a malformed RealMedia file. | 6.8 |
| 2011-05-20 | CVE-2010-3908 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file. | 6.8 |
| 2008-11-01 | CVE-2008-4869 | Resource Management Errors vulnerability in Ffmpeg FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers to cause a denial of service (memory consumption) via unknown vectors, aka a "Tcp/udp memory leak." | 10.0 |
| 2008-11-01 | CVE-2008-4868 | Remote Security vulnerability in FFmpeg Unspecified vulnerability in the avcodec_close function in libavcodec/utils.c in FFmpeg 0.4.9 before r14787, as used by MPlayer, has unknown impact and attack vectors, related to a free "on random pointers." | 10.0 |
| 2008-11-01 | CVE-2008-4867 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as used by MPlayer, allows context-dependent attackers to have an unknown impact via vectors related to an incorrect DCA_MAX_FRAME_SIZE value. | 10.0 |
| 2008-11-01 | CVE-2008-4866 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 before r14715, as used by MPlayer, allow context-dependent attackers to have an unknown impact via vectors related to execution of DTS generation code with a delay greater than MAX_REORDER_DELAY. | 10.0 |