CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Ffmpeg : Security Vulnerabilities (CVSS score between 4 and 4.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2018-1999015 125 2018-07-23 2018-09-20
4.3
None Remote Medium Not required Partial None None
FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASF_F format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to have been fixed in 5aba5b89d0b1d73164d3b81764828bb8b20ff32a and later.
2 CVE-2018-1999014 125 2018-07-23 2018-09-19
4.3
None Remote Medium Not required None None Partial
FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains an out of array access vulnerability in MXF format demuxer that can result in DoS. This attack appear to be exploitable via specially crafted MXF file which has to be provided as input. This vulnerability appears to have been fixed in bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 and later.
3 CVE-2018-1999013 416 2018-07-23 2018-09-20
4.3
None Remote Medium Not required Partial None None
FFmpeg before commit a7e032a277452366771951e29fd0bf2bd5c029f0 contains a use-after-free vulnerability in the realmedia demuxer that can result in vulnerability allows attacker to read heap memory. This attack appear to be exploitable via specially crafted RM file has to be provided as input. This vulnerability appears to have been fixed in a7e032a277452366771951e29fd0bf2bd5c029f0 and later.
4 CVE-2018-14395 369 DoS 2018-07-19 2018-09-12
4.3
None Remote Medium Not required None None Partial
libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted audio file when converting to the MOV audio format.
5 CVE-2018-14394 369 DoS 2018-07-19 2018-09-12
4.3
None Remote Medium Not required None None Partial
libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted Waveform audio file.
6 CVE-2018-13304 20 DoS 2018-07-05 2018-07-18
4.3
None Remote Medium Not required None None Partial
In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studio_profile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to error_resilience.c, h263dec.c, and mpeg4videodec.c.
7 CVE-2018-13303 476 DoS 2018-07-05 2018-07-18
4.3
None Remote Medium Not required None None Partial
In FFmpeg 4.0.1, a missing check for failure of a call to init_get_bits8() in the avpriv_ac3_parse_header function in libavcodec/ac3_parser.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service.
8 CVE-2018-13301 476 DoS 2018-07-05 2018-07-18
4.3
None Remote Medium Not required None None Partial
In FFmpeg 4.0.1, due to a missing check of a profile value before setting it, the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service.
9 CVE-2018-12460 476 DoS 2018-06-15 2018-08-02
4.3
None Remote Medium Not required None None Partial
libavcodec in FFmpeg 4.0 may trigger a NULL pointer dereference if the studio profile is incorrectly detected while converting a crafted AVI file to MPEG4, leading to a denial of service, related to idctdsp.c and mpegvideo.c.
10 CVE-2018-12459 20 DoS 2018-06-15 2018-08-02
4.3
None Remote Medium Not required None None Partial
An inconsistent bits-per-sample value in the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c in FFmpeg 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service.
11 CVE-2018-12458 20 DoS 2018-06-15 2018-08-02
4.3
None Remote Medium Not required None None Partial
An improper integer type in the mpeg4_encode_gop_header function in libavcodec/mpeg4videoenc.c in FFmpeg 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service.
12 CVE-2018-10001 125 DoS 2018-04-10 2018-07-27
4.3
None Remote Medium Not required None None Partial
The decode_init function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via an AVI file.
13 CVE-2018-7751 399 DoS 2018-04-24 2018-06-13
4.3
None Remote Medium Not required None None Partial
The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (Infinite Loop) via a crafted XML file.
14 CVE-2018-7557 125 DoS 2018-02-28 2018-07-27
4.3
None Remote Medium Not required None None Partial
The decode_init function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data.
15 CVE-2018-6912 125 DoS 2018-02-11 2018-03-02
4.3
None Remote Medium Not required None None Partial
The decode_plane function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file.
16 CVE-2018-6621 125 DoS 2018-02-04 2018-07-27
4.3
None Remote Medium Not required None None Partial
The decode_frame function in libavcodec/utvideodec.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file.
17 CVE-2018-6392 125 DoS 2018-01-29 2018-07-27
4.3
None Remote Medium Not required None None Partial
The filter_slice function in libavfilter/vf_transpose.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service (out-of-array access) via a crafted MP4 file.
18 CVE-2017-1000460 476 2018-01-03 2018-02-01
4.3
None Remote Medium Not required None None Partial
In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception.
19 CVE-2017-17555 476 DoS 2017-12-11 2018-08-13
4.3
None Remote Medium Not required None None Partial
The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file.
20 CVE-2017-17081 125 DoS 2017-11-30 2018-01-28
4.3
None Remote Medium Not required None None Partial
The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 3.4 does not properly validate widths and heights, which allows remote attackers to cause a denial of service (integer signedness error and out-of-array read) via a crafted MPEG file.
21 CVE-2017-15186 415 DoS 2017-10-24 2017-11-28
4.3
None Remote Medium Not required None None Partial
Double free vulnerability in FFmpeg 3.3.4 and earlier allows remote attackers to cause a denial of service via a crafted AVI file.
22 CVE-2017-14058 399 DoS 2017-08-31 2017-11-03
4.3
None Remote Medium Not required None None Partial
In FFmpeg 3.3.3, the read_data function in libavformat/hls.c does not restrict reload attempts for an insufficient list, which allows remote attackers to cause a denial of service (infinite loop).
23 CVE-2017-9608 476 DoS 2017-12-27 2018-01-17
4.3
None Remote Medium Not required None None Partial
The dnxhd decoder in FFmpeg before 3.2.6, and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted mov file.
24 CVE-2016-9561 399 DoS 2016-12-23 2016-12-23
4.3
None Remote Medium Not required None None Partial
The che_configure function in libavcodec/aacdec_template.c in FFmpeg before 3.2.1 allows remote attackers to cause a denial of service (allocation of huge memory, and being killed by the OS) via a crafted MOV file.
25 CVE-2016-8595 20 DoS 2016-12-23 2017-01-03
4.3
None Remote Medium Not required None None Partial
The gsm_parse function in libavcodec/gsm_parser.c in FFmpeg before 3.1.5 allows remote attackers to cause a denial of service (assert fault) via a crafted AVI file.
26 CVE-2016-7905 476 DoS 2016-12-23 2017-06-30
4.3
None Remote Medium Not required None None Partial
The read_gab2_sub function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (NULL pointer used) via a crafted AVI file.
27 CVE-2016-7785 20 DoS 2016-12-23 2017-06-30
4.3
None Remote Medium Not required None None Partial
The avi_read_seek function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (assert fault) via a crafted AVI file.
28 CVE-2016-7562 119 DoS Overflow 2016-12-23 2017-06-30
4.3
None Remote Medium Not required None None Partial
The ff_draw_pc_font function in libavcodec/cga_data.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (buffer overflow) via a crafted AVI file.
29 CVE-2016-7555 200 +Info 2016-12-23 2017-06-30
4.3
None Remote Medium Not required Partial None None
The avi_read_header function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to memory leak when decoding an AVI file that has a crafted "strh" structure.
30 CVE-2016-7122 399 2016-12-23 2017-06-30
4.3
None Remote Medium Not required None None Partial
The avi_read_nikon function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to infinite loop when it decodes an AVI file that has a crafted 'nctg' structure.
31 CVE-2016-6881 399 DoS 2016-12-23 2016-12-23
4.3
None Remote Medium Not required None None Partial
The zlib_refill function in libavformat/swfdec.c in FFmpeg before 3.1.3 allows remote attackers to cause an infinite loop denial of service via a crafted SWF file.
32 CVE-2016-2213 119 DoS Overflow 2016-02-03 2016-12-05
4.3
None Remote Medium Not required None None Partial
The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.6 allows remote attackers to cause a denial of service (out-of-bounds array read access) via crafted JPEG 2000 data.
33 CVE-2016-1898 200 +Info 2016-01-14 2018-10-30
4.3
None Remote Medium Not required Partial None None
FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains an arbitrary line of a local file.
34 CVE-2016-1897 200 +Info 2016-01-14 2018-10-30
4.3
None Remote Medium Not required Partial None None
FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.
35 CVE-2015-1208 191 +Info 2018-01-09 2018-01-30
4.3
None Remote Medium Not required Partial None None
Integer underflow in the mov_read_default function in libavformat/mov.c in FFmpeg before 2.4.6 allows remote attackers to obtain sensitive information from heap and/or stack memory via a crafted MP4 file.
36 CVE-2013-4264 119 DoS Overflow 2013-11-23 2016-12-02
4.3
None Remote Medium Not required None None Partial
The kempf_decode_tile function in libavcodec/g2meet.c in FFmpeg before 2.0.1 allows remote attackers to cause a denial of service (out-of-bounds heap write) via a G2M4 encoded file.
37 CVE-2013-3675 20 DoS Overflow 2013-06-09 2013-10-04
4.3
None Remote Medium Not required None None Partial
The process_frame_obj function in sanm.c in libavcodec in FFmpeg before 1.2.1 does not validate width and height values, which allows remote attackers to cause a denial of service (integer overflow, out-of-bounds array access, and application crash) via crafted LucasArts Smush video data.
38 CVE-2013-3674 20 DoS 2013-06-09 2015-10-27
4.3
None Remote Medium Not required None None Partial
The cdg_decode_frame function in cdgraphics.c in libavcodec in FFmpeg before 1.2.1 does not validate the presence of non-header data in a buffer, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted CD Graphics Video data.
39 CVE-2013-3673 119 DoS Overflow 2013-06-09 2013-06-10
4.3
None Remote Medium Not required None None Partial
The gif_decode_frame function in gifdec.c in libavcodec in FFmpeg before 1.2.1 does not properly manage the disposal methods of frames, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted GIF data.
40 CVE-2013-3672 20 DoS 2013-06-09 2015-10-27
4.3
None Remote Medium Not required None None Partial
The mm_decode_inter function in mmvideo.c in libavcodec in FFmpeg before 1.2.1 does not validate the relationship between a horizontal coordinate and a width value, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted American Laser Games (ALG) MM Video data.
41 CVE-2013-3671 189 DoS 2013-06-09 2013-06-10
4.3
None Remote Medium Not required None None Partial
The format_line function in log.c in libavutil in FFmpeg before 1.2.1 uses inapplicable offset data during a certain category calculation, which allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via crafted data that triggers a log message.
42 CVE-2013-3670 119 DoS Overflow 2013-06-09 2013-06-10
4.3
None Remote Medium Not required None None Partial
The rle_unpack function in vmdav.c in libavcodec in FFmpeg git 20130328 through 20130501 does not properly use the bytestream2 API, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted RLE data. NOTE: the vendor has listed this as an issue fixed in 1.2.1, but the issue is actually in new code that was not shipped with the 1.2.1 release or any earlier release.
43 CVE-2013-0860 20 2013-11-23 2016-12-02
4.3
None Remote Medium Not required None None Partial
The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a frame is fully initialized, which allows remote attackers to trigger a NULL pointer dereference via crafted picture data.
44 CVE-2012-6617 DoS 2013-12-24 2013-12-26
4.3
None Remote Medium Not required None None Partial
The prepare_sdp_description function in ffserver.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (crash) via vectors related to the rtp format.
45 CVE-2012-6615 DoS 2013-12-24 2013-12-26
4.3
None Remote Medium Not required None None Partial
The ff_ass_split_override_codes function in libavcodec/ass_split.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a subtitle dialog without text.
46 CVE-2012-0850 119 DoS Overflow Mem. Corr. 2012-08-20 2018-10-30
4.3
None Remote Medium Not required None None Partial
The sbr_qmf_synthesis function in libavcodec/aacsbr.c in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (application crash) via a crafted mpg file that triggers memory corruption involving the v_off variable, probably a buffer underflow.
47 CVE-2012-0849 189 DoS Overflow 2012-08-27 2018-10-30
4.3
None Remote Medium Not required None None Partial
Integer overflow in the ff_j2k_dwt_init function in libavcodec/j2k_dwt.c in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted JPEG2000 image that triggers an incorrect check for a negative value.
48 CVE-2012-0848 119 DoS Overflow 2012-08-20 2017-08-28
4.3
None Remote Medium Not required None None Partial
Heap-based buffer overflow in the ws_snd_decode_frame function in libavcodec/ws-snd1.c in FFmpeg 0.9.1 allows remote attackers to cause a denial of service (application crash) via a crafted media file, related to an incorrect calculation, aka "wrong samples count."
49 CVE-2012-0847 119 DoS Overflow 2012-08-20 2012-08-21
4.3
None Remote Medium Not required None None Partial
Heap-based buffer overflow in the avfilter_filter_samples function in libavfilter/avfilter.c in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (application crash) via a crafted media file.
50 CVE-2011-4579 119 DoS Overflow Mem. Corr. 2012-08-20 2012-08-21
4.3
None Remote Medium Not required None None Partial
The svq1_decode_frame function in the SVQ1 decoder (svq1dec.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (memory corruption) via a crafted SVQ1 stream, related to "dimensions changed."
Total number of vulnerabilities : 58   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.