Vulnerabilities > Ffmpeg

DATE CVE VULNERABILITY TITLE RISK
2017-09-07 CVE-2017-14170 Excessive Iteration vulnerability in Ffmpeg 3.3.3
In libavformat/mxfdec.c in FFmpeg 3.3.3 -> 2.4, a DoS in mxf_read_index_entry_array() due to lack of an EOF (End of File) check might cause huge CPU consumption.
network
low complexity
ffmpeg CWE-834
6.5
6.5
2017-09-07 CVE-2017-14169 Improper Input Validation vulnerability in multiple products
In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg 3.3.3 -> 2.4, an integer signedness error might occur when a crafted file, which claims a large "item_num" field such as 0xffffffff, is provided.
network
low complexity
ffmpeg debian CWE-20
8.8
8.8
2017-08-31 CVE-2017-14059 Excessive Iteration vulnerability in Ffmpeg 3.3.3
In FFmpeg 3.3.3, a DoS in cine_read_header() due to lack of an EOF check might cause huge CPU and memory consumption.
network
low complexity
ffmpeg CWE-834
6.5
6.5
2017-08-31 CVE-2017-14058 Infinite Loop vulnerability in Ffmpeg 3.3.3
In FFmpeg 2.4 and 3.3.3, the read_data function in libavformat/hls.c does not restrict reload attempts for an insufficient list, which allows remote attackers to cause a denial of service (infinite loop).
network
low complexity
ffmpeg CWE-835
6.5
6.5
2017-08-31 CVE-2017-14057 Excessive Iteration vulnerability in Ffmpeg 3.3.3
In FFmpeg 3.3.3, a DoS in asf_read_marker() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption.
network
low complexity
ffmpeg CWE-834
6.5
6.5
2017-08-31 CVE-2017-14056 Excessive Iteration vulnerability in Ffmpeg 3.3.3
In libavformat/rl2.c in FFmpeg 3.3.3, a DoS in rl2_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption.
network
low complexity
ffmpeg CWE-834
6.5
6.5
2017-08-31 CVE-2017-14055 Excessive Iteration vulnerability in Ffmpeg 3.3.3
In libavformat/mvdec.c in FFmpeg 3.3.3, a DoS in mv_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption.
network
low complexity
ffmpeg CWE-834
6.5
6.5
2017-08-31 CVE-2017-14054 Excessive Iteration vulnerability in Ffmpeg 3.3.3
In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivr_read_header() due to lack of an EOF (End of File) check might cause huge CPU consumption.
network
low complexity
ffmpeg CWE-834
6.5
6.5
2017-08-28 CVE-2013-0870 Unspecified vulnerability in Ffmpeg 1.1.4
The 'vp3_decode_frame' function in FFmpeg 1.1.4 moves threads check out of header packet type check.
network
low complexity
ffmpeg
critical
 9.8
9.8
2017-08-28 CVE-2012-2805 Improper Resource Shutdown or Release vulnerability in Ffmpeg 0.10
Unspecified vulnerability in FFMPEG 0.10 allows remote attackers to cause a denial of service.
network
low complexity
ffmpeg CWE-404
7.5
7.5