Ffmpeg

Ffmpeg

484 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2013-0853

  • EPSS 0.71%
  • Veröffentlicht 07.12.2013 21:55:09
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The wavpack_decode_frame function in libavcodec/wavpack.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted WavPack data, which triggers an out-of-bounds array access, possibly due to an off-by-one error.

9.3

CVE-2013-0854

  • EPSS 0.94%
  • Veröffentlicht 07.12.2013 21:55:09
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted MJPEG data.

9.3

CVE-2013-0855

  • EPSS 0.77%
  • Veröffentlicht 07.12.2013 21:55:09
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer overflow in the alac_decode_close function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a large number of samples per frame in Apple Lossless Audio Codec (ALAC) data, which triggers an ou...

9.3

CVE-2013-0856

  • EPSS 0.54%
  • Veröffentlicht 07.12.2013 21:55:09
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec (ALAC) data, related to a large nb_samples value.

9.3

CVE-2013-0857

  • EPSS 0.71%
  • Veröffentlicht 07.12.2013 21:55:09
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The decode_frame_ilbm function in libavcodec/iff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted height value in IFF PBM/ILBM bitmap data.

9.3

CVE-2013-0858

  • EPSS 1.15%
  • Veröffentlicht 07.12.2013 21:55:09
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via ATRAC3 data with the joint stereo coding mode set and fewer than two channels.

4.3

CVE-2013-0860

  • EPSS 0.89%
  • Veröffentlicht 23.11.2013 18:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a frame is fully initialized, which allows remote attackers to trigger a NULL pointer dereference via crafted pi...

5

CVE-2013-0861

  • EPSS 0.38%
  • Veröffentlicht 23.11.2013 18:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The avcodec_decode_audio4 function in libavcodec/utils.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 allows remote attackers to trigger memory corruption via vectors related to the channel layout.

9.3

CVE-2013-0862

  • EPSS 0.94%
  • Veröffentlicht 23.11.2013 18:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple integer overflows in the process_frame_obj function in libavcodec/sanm.c in FFmpeg before 1.1.2 allow remote attackers to have an unspecified impact via crafted image dimensions in LucasArts Smush video data, which triggers an out-of-bounds ...

9.3

CVE-2013-0863

  • EPSS 1.35%
  • Veröffentlicht 23.11.2013 18:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Buffer overflow in the rle_decode function in libavcodec/sanm.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via crafted LucasArts Smush video data.