Vulnerabilities > Libav > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-02-15 CVE-2016-7477 NULL Pointer Dereference vulnerability in Libav 11.7
The ff_put_pixels8_xy2_mmx function in rnd_template.c in Libav 11.7 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted mp3 file.
local
low complexity
libav CWE-476
5.5
2017-02-15 CVE-2016-7393 Out-of-bounds Read vulnerability in Libav
Stack-based buffer overflow in the aac_sync function in aac_parser.c in Libav before 11.5 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
local
low complexity
libav CWE-125
5.5
2017-02-15 CVE-2016-6832 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libav
Heap-based buffer overflow in the ff_audio_resample function in resample.c in libav before 11.4 allows remote attackers to cause a denial of service (crash) via vectors related to buffer resizing.
local
low complexity
libav CWE-119
5.5
2016-10-07 CVE-2016-7424 NULL Pointer Dereference vulnerability in multiple products
The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav 11.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted MP3 file.
local
low complexity
debian libav CWE-476
5.5
2016-04-19 CVE-2015-5479 Numeric Errors vulnerability in multiple products
The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with crafted dimensions.
network
low complexity
ubuntu libav opensuse CWE-189
6.5