Vulnerabilities > Ffmpeg > Ffmpeg > 0.4.8
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-12-09 | CVE-2013-7013 | Numeric Errors vulnerability in Ffmpeg The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 uses an incorrect ordering of arithmetic operations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Go2Webinar data. | 6.8 |
2013-12-09 | CVE-2013-7012 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not prevent attempts to use non-zero image offsets, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | 6.8 |
2013-12-09 | CVE-2013-7011 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not prevent changes to global parameters, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted FFV1 data. | 6.8 |
2013-12-09 | CVE-2013-7009 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Apple RPZA data. | 6.8 |
2013-12-09 | CVE-2013-7008 | Unspecified vulnerability in Ffmpeg The decode_slice_header function in libavcodec/h264.c in FFmpeg before 2.1 incorrectly relies on a certain droppable field, which allows remote attackers to cause a denial of service (deadlock) or possibly have unspecified other impact via crafted H.264 data. network ffmpeg | 6.8 |
2013-12-09 | CVE-2011-4351 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before 0.7.8, and 0.8.x before 0.8.8 allows remote attackers to execute arbitrary code via unspecified vectors. | 7.5 |
2013-11-23 | CVE-2013-4265 | Memory Corruption vulnerability in FFmpeg The av_reallocp_array function in libavutil/mem.c in FFmpeg before 2.0.1 has an unspecified impact and remote vectors related to a "wrong return code" and a resultant NULL pointer dereference. | 10.0 |
2013-11-23 | CVE-2013-4264 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg The kempf_decode_tile function in libavcodec/g2meet.c in FFmpeg before 2.0.1 allows remote attackers to cause a denial of service (out-of-bounds heap write) via a G2M4 encoded file. | 4.3 |
2013-11-23 | CVE-2013-4263 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg libavfilter in FFmpeg before 2.0.1 has unspecified impact and remote vectors related to a crafted "plane," which triggers an out-of-bounds heap write. | 7.5 |
2012-08-20 | CVE-2012-0857 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg Multiple buffer overflows in the get_qcx function in the J2K decoder (j2kdec.c) in libavcode in FFmpeg before 0.9.1 allow remote attackers to cause a denial of service (application crash) via unspecified vectors. | 5.0 |