Vulnerabilities > Libav

DATE CVE VULNERABILITY TITLE RISK
2017-02-15 CVE-2016-8676 NULL Pointer Dereference vulnerability in Libav
The get_vlc2 function in get_bits.h in Libav 11.9 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted mp3 file.
local
low complexity
libav CWE-476
5.5
2017-02-15 CVE-2016-8675 NULL Pointer Dereference vulnerability in Libav
The get_vlc2 function in get_bits.h in Libav before 11.9 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted mp3 file, possibly related to startcode sequences during m4v detection.
local
low complexity
libav CWE-476
5.5
2017-02-15 CVE-2016-7499 Divide By Zero vulnerability in Libav 11.7
The sbr_make_f_master function in aacsbr.c in Libav 11.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3 file.
local
low complexity
libav CWE-369
5.5
2017-02-15 CVE-2016-7477 NULL Pointer Dereference vulnerability in Libav 11.7
The ff_put_pixels8_xy2_mmx function in rnd_template.c in Libav 11.7 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted mp3 file.
local
low complexity
libav CWE-476
5.5
2017-02-15 CVE-2016-7393 Out-of-bounds Read vulnerability in Libav
Stack-based buffer overflow in the aac_sync function in aac_parser.c in Libav before 11.5 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
local
low complexity
libav CWE-125
5.5
2017-02-15 CVE-2016-6832 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libav
Heap-based buffer overflow in the ff_audio_resample function in resample.c in libav before 11.4 allows remote attackers to cause a denial of service (crash) via vectors related to buffer resizing.
local
low complexity
libav CWE-119
5.5
2016-10-07 CVE-2016-7424 NULL Pointer Dereference vulnerability in multiple products
The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav 11.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted MP3 file.
local
low complexity
debian libav CWE-476
5.5
2016-06-16 CVE-2016-3062 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.
network
low complexity
libav ffmpeg debian opensuse CWE-119
8.8
2016-04-19 CVE-2015-5479 Numeric Errors vulnerability in multiple products
The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with crafted dimensions.
network
low complexity
ubuntu libav opensuse CWE-189
6.5