Vulnerabilities > Libav > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-12-04 CVE-2017-17129 NULL Pointer Dereference vulnerability in Libav 12.2
The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact via a crafted file.
network
libav CWE-476
6.8
2017-12-04 CVE-2017-17128 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libav 12.2
The h264_slice_init function in libavcodec/h264_slice.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted file.
network
libav CWE-119
4.3
2017-12-04 CVE-2017-17127 NULL Pointer Dereference vulnerability in Libav 12.2
The vc1_decode_frame function in libavcodec/vc1dec.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
network
libav CWE-476
4.3
2017-11-13 CVE-2017-16803 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libav
In Libav through 11.11 and 12.x through 12.1, the smacker_decode_tree function in libavcodec/smacker.c does not properly restrict tree recursion, which allows remote attackers to cause a denial of service (bitstream.c:build_table() out-of-bounds read and application crash) via a crafted Smacker stream.
network
low complexity
libav CWE-119
5.0
2017-07-27 CVE-2017-11684 Unspecified vulnerability in Libav 12.1
There is an illegal address access in the build_table function in libavcodec/bitstream.c of Libav 12.1 that will lead to remote denial of service via crafted input.
network
low complexity
libav
5.0
2017-06-28 CVE-2017-9987 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libav 12.1
There is a heap-based buffer overflow in the function hpel_motion in mpegvideo_motion.c in libav 12.1.
network
low complexity
libav CWE-119
5.0
2017-03-21 CVE-2017-7208 Out-of-bounds Read vulnerability in Libav 9.21
The decode_residual function in libavcodec in libav 9.21 allows remote attackers to cause a denial of service (buffer over-read) or obtain sensitive information from process memory via a crafted h264 video file.
network
libav CWE-125
5.8
2017-03-21 CVE-2017-7206 Out-of-bounds Read vulnerability in Libav 9.21
The ff_h2645_extract_rbsp function in libavcodec in libav 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read) or obtain sensitive information from process memory via a crafted h264 video file.
network
libav CWE-125
5.8
2017-03-01 CVE-2016-9826 Numeric Errors vulnerability in Libav 11.8
libavcodec/ituh263dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
network
libav CWE-189
4.3
2017-03-01 CVE-2016-9825 Numeric Errors vulnerability in Libav 11.8
libswscale/utils.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
network
libav CWE-189
4.3