The filter_frame function in libavfilter/vf_fps.c in FFmpeg before 2.1 does not properly ensure the availability of FIFO content, which allows remote attackers to cause a denial of service (double free) or possibly have unspecified other impact via crafted data.
Max CVSS
6.8
EPSS Score
0.80%
Published
2013-12-09
Updated
2016-12-03
The av_reallocp_array function in libavutil/mem.c in FFmpeg before 2.0.1 has an unspecified impact and remote vectors related to a "wrong return code" and a resultant NULL pointer dereference.
Max CVSS
10.0
EPSS Score
0.31%
Published
2013-11-23
Updated
2016-12-03
The avcodec_decode_audio4 function in libavcodec/utils.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 allows remote attackers to trigger memory corruption via vectors related to the channel layout.
Max CVSS
5.0
EPSS Score
0.31%
Published
2013-11-23
Updated
2016-12-03
The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a frame is fully initialized, which allows remote attackers to trigger a NULL pointer dereference via crafted picture data.
Max CVSS
4.3
EPSS Score
0.64%
Published
2013-11-23
Updated
2016-12-03
The ff_ass_split_override_codes function in libavcodec/ass_split.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a subtitle dialog without text.
Max CVSS
4.3
EPSS Score
0.31%
Published
2013-12-24
Updated
2013-12-26
Double free vulnerability in the vp3_update_thread_context function in libavcodec/vp3.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted vp3 data.
Max CVSS
6.8
EPSS Score
0.29%
Published
2013-12-09
Updated
2013-12-10
6 vulnerabilities found