Vulnerabilities > Ffmpeg > Ffmpeg > 1.0.5

DATE CVE VULNERABILITY TITLE RISK
2017-01-23 CVE-2016-6164 Integer Overflow or Wraparound vulnerability in Ffmpeg
Integer overflow in the mov_build_index function in libavformat/mov.c in FFmpeg before 2.8.8, 3.0.x before 3.0.3 and 3.1.x before 3.1.1 allows remote attackers to have unspecified impact via vectors involving sample size.
network
low complexity
ffmpeg CWE-190
critical
 9.8
9.8
2016-12-23 CVE-2016-9561 Resource Management Errors vulnerability in Ffmpeg
The che_configure function in libavcodec/aacdec_template.c in FFmpeg before 3.2.1 allows remote attackers to cause a denial of service (allocation of huge memory, and being killed by the OS) via a crafted MOV file.
local
low complexity
ffmpeg CWE-399
5.5
5.5
2016-12-23 CVE-2016-8595 Improper Input Validation vulnerability in Ffmpeg
The gsm_parse function in libavcodec/gsm_parser.c in FFmpeg before 3.1.5 allows remote attackers to cause a denial of service (assert fault) via a crafted AVI file.
local
low complexity
ffmpeg CWE-20
5.5
5.5
2016-12-23 CVE-2016-7905 NULL Pointer Dereference vulnerability in Ffmpeg
The read_gab2_sub function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (NULL pointer used) via a crafted AVI file.
local
low complexity
ffmpeg CWE-476
5.5
5.5
2016-12-23 CVE-2016-7785 Improper Input Validation vulnerability in Ffmpeg
The avi_read_seek function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (assert fault) via a crafted AVI file.
local
low complexity
ffmpeg CWE-20
5.5
5.5
2016-12-23 CVE-2016-7562 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ffmpeg
The ff_draw_pc_font function in libavcodec/cga_data.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (buffer overflow) via a crafted AVI file.
local
low complexity
ffmpeg CWE-119
5.5
5.5
2016-12-23 CVE-2016-7555 Information Exposure vulnerability in Ffmpeg
The avi_read_header function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to memory leak when decoding an AVI file that has a crafted "strh" structure.
local
low complexity
ffmpeg CWE-200
5.5
5.5
2016-12-23 CVE-2016-7502 Out-of-bounds Read vulnerability in Ffmpeg
The cavs_idct8_add_c function in libavcodec/cavsdsp.c in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when decoding with cavs_decode.
local
low complexity
ffmpeg CWE-125
7.8
7.8
2016-12-23 CVE-2016-7450 Out-of-bounds Read vulnerability in Ffmpeg
The ff_log2_16bit_c function in libavutil/intmath.h in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when it decodes a malformed AIFF file.
local
low complexity
ffmpeg CWE-125
7.8
7.8
2016-12-23 CVE-2016-7122 Resource Management Errors vulnerability in Ffmpeg
The avi_read_nikon function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to infinite loop when it decodes an AVI file that has a crafted 'nctg' structure.
local
low complexity
ffmpeg CWE-399
5.5
5.5