The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not consider the component number in certain calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data.
Max CVSS
6.8
EPSS Score
0.89%
Published
2013-12-09
Updated
2016-12-03
The ff_combine_frame function in libavcodec/parser.c in FFmpeg before 2.1 does not properly handle certain memory-allocation errors, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data.
Max CVSS
6.8
EPSS Score
0.89%
Published
2013-12-09
Updated
2016-12-03
The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 does not properly allocate memory for tiles, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Go2Webinar data.
Max CVSS
6.8
EPSS Score
0.80%
Published
2013-12-09
Updated
2016-12-03
The filter_frame function in libavfilter/vf_fps.c in FFmpeg before 2.1 does not properly ensure the availability of FIFO content, which allows remote attackers to cause a denial of service (double free) or possibly have unspecified other impact via crafted data.
Max CVSS
6.8
EPSS Score
0.80%
Published
2013-12-09
Updated
2016-12-03
The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not properly enforce certain bit-count and colorspace constraints, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted FFV1 data.
Max CVSS
6.8
EPSS Score
2.06%
Published
2013-12-09
Updated
2017-01-07
The get_cox function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not properly validate the reduction factor, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data.
Max CVSS
6.8
EPSS Score
0.76%
Published
2013-12-09
Updated
2016-12-03
libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the use of valid code-block dimension values, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data.
Max CVSS
6.8
EPSS Score
0.89%
Published
2013-12-09
Updated
2016-12-03
libavcodec/jpeg2000.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via crafted JPEG2000 data.
Max CVSS
6.8
EPSS Score
0.70%
Published
2013-12-09
Updated
2016-12-03
The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the expected sample separation, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data.
Max CVSS
6.8
EPSS Score
0.89%
Published
2013-12-09
Updated
2016-12-03
The flashsv_decode_frame function in libavcodec/flashsv.c in FFmpeg before 2.1 does not properly validate a certain height value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Flash Screen Video data.
Max CVSS
6.8
EPSS Score
0.86%
Published
2013-12-09
Updated
2016-12-03
Integer signedness error in the add_bytes_l2_c function in libavcodec/pngdsp.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted PNG data.
Max CVSS
6.8
EPSS Score
2.35%
Published
2013-12-09
Updated
2016-12-03
The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 uses an incorrect ordering of arithmetic operations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Go2Webinar data.
Max CVSS
6.8
EPSS Score
0.86%
Published
2013-12-09
Updated
2016-12-03
The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not prevent attempts to use non-zero image offsets, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data.
Max CVSS
6.8
EPSS Score
0.89%
Published
2013-12-09
Updated
2016-12-03
The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not prevent changes to global parameters, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted FFV1 data.
Max CVSS
6.8
EPSS Score
0.89%
Published
2013-12-09
Updated
2016-12-03
Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg before 2.1 allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data.
Max CVSS
6.8
EPSS Score
1.44%
Published
2013-12-09
Updated
2016-12-03
The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Apple RPZA data.
Max CVSS
6.8
EPSS Score
0.89%
Published
2013-12-09
Updated
2016-12-03
The decode_slice_header function in libavcodec/h264.c in FFmpeg before 2.1 incorrectly relies on a certain droppable field, which allows remote attackers to cause a denial of service (deadlock) or possibly have unspecified other impact via crafted H.264 data.
Max CVSS
6.8
EPSS Score
0.93%
Published
2013-12-09
Updated
2016-12-03
libavcodec/h264.c in FFmpeg before 0.11.4 allows remote attackers to cause a denial of service (crash) via vectors related to alternating bit depths in H.264 data.
Max CVSS
5.0
EPSS Score
0.24%
Published
2013-12-24
Updated
2013-12-26
The av_reallocp_array function in libavutil/mem.c in FFmpeg before 2.0.1 has an unspecified impact and remote vectors related to a "wrong return code" and a resultant NULL pointer dereference.
Max CVSS
10.0
EPSS Score
0.31%
Published
2013-11-23
Updated
2016-12-03
The kempf_decode_tile function in libavcodec/g2meet.c in FFmpeg before 2.0.1 allows remote attackers to cause a denial of service (out-of-bounds heap write) via a G2M4 encoded file.
Max CVSS
4.3
EPSS Score
0.46%
Published
2013-11-23
Updated
2016-12-03
libavfilter in FFmpeg before 2.0.1 has unspecified impact and remote vectors related to a crafted "plane," which triggers an out-of-bounds heap write.
Max CVSS
7.5
EPSS Score
0.25%
Published
2013-11-23
Updated
2016-12-03
The process_frame_obj function in sanm.c in libavcodec in FFmpeg before 1.2.1 does not validate width and height values, which allows remote attackers to cause a denial of service (integer overflow, out-of-bounds array access, and application crash) via crafted LucasArts Smush video data.
Max CVSS
4.3
EPSS Score
0.16%
Published
2013-06-10
Updated
2013-10-04
The cdg_decode_frame function in cdgraphics.c in libavcodec in FFmpeg before 1.2.1 does not validate the presence of non-header data in a buffer, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted CD Graphics Video data.
Max CVSS
4.3
EPSS Score
0.41%
Published
2013-06-10
Updated
2015-10-28
The gif_decode_frame function in gifdec.c in libavcodec in FFmpeg before 1.2.1 does not properly manage the disposal methods of frames, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted GIF data.
Max CVSS
4.3
EPSS Score
0.15%
Published
2013-06-10
Updated
2013-06-10
The mm_decode_inter function in mmvideo.c in libavcodec in FFmpeg before 1.2.1 does not validate the relationship between a horizontal coordinate and a width value, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted American Laser Games (ALG) MM Video data.
Max CVSS
4.3
EPSS Score
0.41%
Published
2013-06-10
Updated
2015-10-28
77 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!