Vulnerabilities > Libav > Libav > 12.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-19 | CVE-2019-9720 | Classic Buffer Overflow vulnerability in Libav A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. | 7.1 |
2019-09-19 | CVE-2019-9719 | Out-of-bounds Write vulnerability in Libav A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. | 8.8 |
2019-09-19 | CVE-2019-9717 | Improper Input Validation vulnerability in Libav In Libav 12.3, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c has a complex format argument to sscanf. | 7.1 |
2018-03-23 | CVE-2017-18247 | NULL Pointer Dereference vulnerability in Libav 12.2 The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted media file. | 4.3 |
2018-03-23 | CVE-2017-18246 | Out-of-bounds Read vulnerability in Libav 12.2 The pcm_encode_frame function in libavcodec/pcm.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted media file. | 4.3 |
2018-03-23 | CVE-2017-18245 | Out-of-bounds Read vulnerability in Libav 12.2 The mpc8_probe function in libavformat/mpc8.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted audio file. | 4.3 |
2018-03-22 | CVE-2017-18244 | Out-of-bounds Read vulnerability in Libav 12.2 The stereo_processing function in libavcodec/aacps.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file, related to ff_ps_apply. | 4.3 |
2018-03-22 | CVE-2017-18243 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libav 12.2 The unpack_parse_unit function in libavcodec/dirac_parser.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault) via a crafted file. | 4.3 |
2018-03-22 | CVE-2017-18242 | Out-of-bounds Read vulnerability in Libav 12.2 The apply_dependent_coupling function in libavcodec/aacdec.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file. | 4.3 |
2018-01-18 | CVE-2018-5766 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libav In Libav through 12.2, there is an invalid memcpy in the av_packet_ref function of libavcodec/avpacket.c. | 6.8 |