Vulnerabilities > Ffmpeg > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-02-09 CVE-2016-10192 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ffmpeg
Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check chunk size.
network
low complexity
ffmpeg CWE-119
critical
 9.8
9.8
2017-02-09 CVE-2016-10191 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ffmpeg
Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check for RTMP packet size mismatches.
network
low complexity
ffmpeg CWE-119
critical
 9.8
9.8
2017-02-09 CVE-2016-10190 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ffmpeg
Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote web servers to execute arbitrary code via a negative chunk size in an HTTP response.
network
low complexity
ffmpeg CWE-119
critical
 9.8
9.8
2017-01-23 CVE-2016-6164 Integer Overflow or Wraparound vulnerability in Ffmpeg
Integer overflow in the mov_build_index function in libavformat/mov.c in FFmpeg before 2.8.8, 3.0.x before 3.0.3 and 3.1.x before 3.1.1 allows remote attackers to have unspecified impact via vectors involving sample size.
network
low complexity
ffmpeg CWE-190
critical
 9.8
9.8