Vulnerabilities > Libav > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-19 | CVE-2019-9720 | Classic Buffer Overflow vulnerability in Libav A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. | 7.1 |
2019-09-19 | CVE-2019-9719 | Out-of-bounds Write vulnerability in Libav A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. | 8.8 |
2019-09-19 | CVE-2019-9717 | Improper Input Validation vulnerability in Libav In Libav 12.3, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c has a complex format argument to sscanf. | 7.1 |
2017-05-18 | CVE-2017-9051 | NULL Pointer Dereference vulnerability in Libav libav before 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavformat/nsvdec.c. | 7.5 |
2016-06-16 | CVE-2016-3062 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file. | 8.8 |