CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Ffmpeg : Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2016-3062 119 DoS Exec Code Overflow Mem. Corr. 2016-06-16 2016-08-17
6.8
None Remote Medium Not required Partial Partial Partial
The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.
2 CVE-2016-2330 119 DoS Overflow 2016-02-12 2016-05-25
6.8
None Remote Medium Not required Partial Partial Partial
libavcodec/gif.c in FFmpeg before 2.8.6 does not properly calculate a buffer size, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .tga file, related to the gif_image_write_image, gif_encode_init, and gif_encode_close functions.
3 CVE-2016-2329 119 DoS Overflow 2016-02-12 2016-08-17
6.8
None Remote Medium Not required Partial Partial Partial
libavcodec/tiff.c in FFmpeg before 2.8.6 does not properly validate RowsPerStrip values and YCbCr chrominance subsampling factors, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted TIFF file, related to the tiff_decode_tag and decode_frame functions.
4 CVE-2016-2328 119 DoS Overflow 2016-02-12 2016-03-03
6.8
None Remote Medium Not required Partial Partial Partial
libswscale/swscale_unscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which allows remote attackers to cause a denial of service (out-of-bounds array read access) or possibly have unspecified other impact via a crafted .cine file, related to the bayer_to_rgb24_wrapper and bayer_to_yv12_wrapper functions.
5 CVE-2016-2327 119 DoS Overflow 2016-02-12 2016-03-01
6.8
None Remote Medium Not required Partial Partial Partial
libavcodec/pngenc.c in FFmpeg before 2.8.5 uses incorrect line sizes in certain row calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .avi file, related to the apng_encode_frame and encode_apng functions.
6 CVE-2016-2326 119 DoS Overflow 2016-02-12 2016-05-25
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the asf_write_packet function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS (aka presentation timestamp) value in a .mov file.
7 CVE-2015-8365 119 DoS Overflow 2015-11-26 2016-06-28
6.8
None Remote Medium Not required Partial Partial Partial
The smka_decode_frame function in libavcodec/smacker.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not verify that the data size is consistent with the number of channels, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Smacker data.
8 CVE-2015-8364 189 DoS Overflow 2015-11-26 2016-05-27
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the ff_ivi_init_planes function in libavcodec/ivi.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 allows remote attackers to cause a denial of service (out-of-bounds heap-memory access) or possibly have unspecified other impact via crafted image dimensions in Indeo Video Interactive data.
9 CVE-2015-8363 119 DoS Overflow 2015-11-26 2015-11-27
6.8
None Remote Medium Not required Partial Partial Partial
The jpeg2000_read_main_headers function in libavcodec/jpeg2000dec.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not enforce uniqueness of the SIZ marker in a JPEG 2000 image, which allows remote attackers to cause a denial of service (out-of-bounds heap-memory access) or possibly have unspecified other impact via a crafted image with two or more of these markers.
10 CVE-2015-8218 20 DoS 2015-11-16 2015-11-17
6.8
None Remote Medium Not required Partial Partial Partial
The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted CCITT FAX data.
11 CVE-2015-6761 362 DoS Mem. Corr. 2015-10-15 2015-10-15
6.8
None Remote Medium Not required Partial Partial Partial
The update_dimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cause a denial of service (race condition and memory corruption) or possibly have unspecified other impact via a crafted WebM file.
12 CVE-2015-3417 DoS 2015-04-24 2015-06-25
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the ff_h264_free_tables function in libavcodec/h264.c in FFmpeg before 2.3.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted H.264 data in an MP4 file, as demonstrated by an HTML VIDEO element that references H.264 data.
13 CVE-2015-3395 119 Overflow 2015-06-16 2016-05-19
6.8
None Remote Medium Not required Partial Partial Partial
The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access.
14 CVE-2015-1872 119 DoS Overflow 2015-07-26 2016-08-02
6.8
None Remote Medium Not required Partial Partial Partial
The ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in FFmpeg before 2.5.4 does not validate the number of components in a JPEG-LS Start Of Frame segment, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Motion JPEG data.
15 CVE-2014-9676 DoS Exec Code 2015-02-27 2015-03-02
6.8
None Remote Medium Not required Partial Partial Partial
The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 and earlier does not free the correct memory location, which allows remote attackers to cause a denial of service ("invalid memory handler") and possibly execute arbitrary code via a crafted video that triggers a use after free.
16 CVE-2014-5272 119 Overflow 2014-11-03 2014-11-04
6.8
None Remote Medium Not required Partial Partial Partial
libavcodec/iff.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.2.x before 2.2.7, and 2.3.x before 2.3.2 allows remote attackers to have unspecified impact via a crafted iff image, which triggers an out-of-bounds array access, related to the rgb8 and rgbn formats.
17 CVE-2014-2263 119 Overflow 2014-02-28 2015-08-12
6.8
None Remote Medium Not required Partial Partial Partial
The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) muxer (libavformat/mpegtsenc.c) in FFmpeg, possibly 2.1 and earlier, allows remote attackers to have unspecified impact and vectors, which trigger an out-of-bounds write.
18 CVE-2014-2099 189 DoS 2014-03-01 2014-03-03
6.8
None Remote Medium Not required Partial Partial Partial
The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before 2.1.4 does not properly calculate line sizes, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Microsoft RLE video data.
19 CVE-2014-2098 119 DoS Overflow Mem. Corr. 2014-03-01 2014-03-03
6.8
None Remote Medium Not required Partial Partial Partial
libavcodec/wmalosslessdec.c in FFmpeg before 2.1.4 uses an incorrect data-structure size for certain coefficients, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted WMA data.
20 CVE-2014-2097 20 DoS 2014-03-01 2014-03-03
6.8
None Remote Medium Not required Partial Partial Partial
The tak_decode_frame function in libavcodec/takdec.c in FFmpeg before 2.1.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted TAK (aka Tom's lossless Audio Kompressor) data.
21 CVE-2013-7024 119 DoS Overflow 2013-12-09 2013-12-10
6.8
None Remote Medium Not required Partial Partial Partial
The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not consider the component number in certain calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data.
22 CVE-2013-7023 119 DoS Overflow 2013-12-09 2013-12-10
6.8
None Remote Medium Not required Partial Partial Partial
The ff_combine_frame function in libavcodec/parser.c in FFmpeg before 2.1 does not properly handle certain memory-allocation errors, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data.
23 CVE-2013-7022 119 DoS Overflow 2013-12-09 2013-12-10
6.8
None Remote Medium Not required Partial Partial Partial
The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 does not properly allocate memory for tiles, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Go2Webinar data.
24 CVE-2013-7021 399 DoS 2013-12-09 2013-12-10
6.8
None Remote Medium Not required Partial Partial Partial
The filter_frame function in libavfilter/vf_fps.c in FFmpeg before 2.1 does not properly ensure the availability of FIFO content, which allows remote attackers to cause a denial of service (double free) or possibly have unspecified other impact via crafted data.
25 CVE-2013-7020 119 DoS Overflow 2013-12-09 2016-08-24
6.8
None Remote Medium Not required Partial Partial Partial
The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not properly enforce certain bit-count and colorspace constraints, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted FFV1 data.
26 CVE-2013-7019 20 DoS 2013-12-09 2013-12-10
6.8
None Remote Medium Not required Partial Partial Partial
The get_cox function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not properly validate the reduction factor, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data.
27 CVE-2013-7018 119 DoS Overflow 2013-12-09 2013-12-10
6.8
None Remote Medium Not required Partial Partial Partial
libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the use of valid code-block dimension values, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data.
28 CVE-2013-7017 DoS 2013-12-09 2013-12-10
6.8
None Remote Medium Not required Partial Partial Partial
libavcodec/jpeg2000.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via crafted JPEG2000 data.
29 CVE-2013-7016 119 DoS Overflow 2013-12-09 2013-12-10
6.8
None Remote Medium Not required Partial Partial Partial
The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the expected sample separation, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data.
30 CVE-2013-7015 20 DoS 2013-12-09 2014-03-08
6.8
None Remote Medium Not required Partial Partial Partial
The flashsv_decode_frame function in libavcodec/flashsv.c in FFmpeg before 2.1 does not properly validate a certain height value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Flash Screen Video data.
31 CVE-2013-7014 189 DoS 2013-12-09 2014-03-08
6.8
None Remote Medium Not required Partial Partial Partial
Integer signedness error in the add_bytes_l2_c function in libavcodec/pngdsp.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted PNG data.
32 CVE-2013-7013 189 DoS 2013-12-09 2013-12-10
6.8
None Remote Medium Not required Partial Partial Partial
The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 uses an incorrect ordering of arithmetic operations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Go2Webinar data.
33 CVE-2013-7012 119 DoS Overflow 2013-12-09 2013-12-10
6.8
None Remote Medium Not required Partial Partial Partial
The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not prevent attempts to use non-zero image offsets, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data.
34 CVE-2013-7011 119 DoS Overflow 2013-12-09 2013-12-10
6.8
None Remote Medium Not required Partial Partial Partial
The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not prevent changes to global parameters, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted FFV1 data.
35 CVE-2013-7010 189 DoS 2013-12-09 2014-03-08
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg before 2.1 allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data.
36 CVE-2013-7009 119 DoS Overflow 2013-12-09 2013-12-10
6.8
None Remote Medium Not required Partial Partial Partial
The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Apple RPZA data.
37 CVE-2013-7008 DoS 2013-12-09 2013-12-10
6.8
None Remote Medium Not required Partial Partial Partial
The decode_slice_header function in libavcodec/h264.c in FFmpeg before 2.1 incorrectly relies on a certain droppable field, which allows remote attackers to cause a denial of service (deadlock) or possibly have unspecified other impact via crafted H.264 data.
38 CVE-2012-0859 119 DoS Exec Code Overflow 2012-08-20 2013-01-29
6.8
None Remote Medium Not required Partial Partial Partial
The render_line function in the vorbis codec (vorbis.c) in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Vorbis file, related to a large multiplier. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3893.
39 CVE-2012-0858 399 DoS Exec Code 2012-08-20 2012-08-21
6.8
None Remote Medium Not required Partial Partial Partial
The Shorten codec (shorten.c) in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Shorten file, related to an "invalid free".
40 CVE-2012-0853 20 DoS Exec Code 2012-08-20 2012-10-30
6.8
None Remote Medium Not required Partial Partial Partial
The decodeTonalComponents function in the Actrac3 codec (atrac3.c) in libavcodec in FFmpeg 0.7.x before 0.7.12, and 0.8.x before 0.8.11; and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (infinite loop and crash) and possibly execute arbitrary code via a large component count in an Atrac 3 file.
41 CVE-2012-0852 119 DoS Exec Code Overflow 2012-08-20 2013-01-29
6.8
None Remote Medium Not required Partial Partial Partial
The adpcm_decode_frame function in adpcm.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an ADPCM file with the number of channels not equal to two.
42 CVE-2012-0851 119 DoS Exec Code Overflow 2012-08-20 2013-12-12
6.8
None Remote Medium Not required Partial Partial Partial
The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted H.264 file, related to the chroma_format_idc value.
43 CVE-2011-4364 119 DoS Exec Code Overflow 2012-08-20 2012-08-21
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in the Sierra VMD decoder in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9 and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VMD file, related to corrupted streams.
44 CVE-2011-4352 189 DoS Exec Code Overflow 2012-08-20 2012-08-21
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the vp3_dequant function in the VP3 decoder (vp3.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VP3 stream, which triggers a buffer overflow.
45 CVE-2011-3952 20 DoS Exec Code 2012-08-20 2012-08-21
6.8
None Remote Medium Not required Partial Partial Partial
The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large palette size in a KMVC encoded file.
46 CVE-2011-3951 119 DoS Exec Code Overflow 2012-08-20 2012-08-21
6.8
None Remote Medium Not required Partial Partial Partial
The dpcm_decode_frame function in dpcm.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted stereo stream in a media file.
47 CVE-2011-3950 2013-12-09 2013-12-10
6.8
None Remote Medium Not required Partial Partial Partial
The dirac_decode_data_unit function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via a crafted value in the reference pictures number.
48 CVE-2011-3949 2013-12-09 2013-12-10
6.8
None Remote Medium Not required Partial Partial Partial
The dirac_unpack_idwt_params function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Dirac data.
49 CVE-2011-3947 119 DoS Exec Code Overflow 2012-08-20 2012-10-29
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in mjpegbdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MJPEG-B file.
50 CVE-2011-3946 399 2013-12-09 2013-12-10
6.8
None Remote Medium Not required Partial Partial Partial
The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Supplemental enhancement information (SEI) data, which triggers an infinite loop.
Total number of vulnerabilities : 62   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.