Ffmpeg

Ffmpeg

489 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2014-5271

  • EPSS 13.02%
  • Veröffentlicht 03.11.2014 16:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in the encode_slice function in libavcodec/proresenc_kostya.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.x before 2.2.7, and 2.3.x before 2.3.3 and Libav before 10.5 allows remote attackers to cause a denial of service ...

6.8

CVE-2014-2097

  • EPSS 0.43%
  • Veröffentlicht 02.03.2014 04:57:25
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The tak_decode_frame function in libavcodec/takdec.c in FFmpeg before 2.1.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecifi...

6.8

CVE-2014-2098

  • EPSS 0.43%
  • Veröffentlicht 02.03.2014 04:57:25
  • Zuletzt bearbeitet 12.04.2025 10:46:40

libavcodec/wmalosslessdec.c in FFmpeg before 2.1.4 uses an incorrect data-structure size for certain coefficients, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted WM...

6.8

CVE-2014-2099

  • EPSS 0.43%
  • Veröffentlicht 02.03.2014 04:57:25
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before 2.1.4 does not properly calculate line sizes, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via...

6.8

CVE-2014-2263

  • EPSS 1.13%
  • Veröffentlicht 01.03.2014 00:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) muxer (libavformat/mpegtsenc.c) in FFmpeg, possibly 2.1 and earlier, allows remote attackers to have unspecified impact and vectors, which trigger an out-of-bounds write.

4.3

CVE-2012-6615

  • EPSS 0.83%
  • Veröffentlicht 24.12.2013 20:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The ff_ass_split_override_codes function in libavcodec/ass_split.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a subtitle dialog without text.

5

CVE-2012-6616

Exploit
  • EPSS 0.77%
  • Veröffentlicht 24.12.2013 20:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The mov_text_decode_frame function in libavcodec/movtextdec.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via crafted 3GPP TS 26.245 data.

4.3

CVE-2012-6617

  • EPSS 0.71%
  • Veröffentlicht 24.12.2013 20:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The prepare_sdp_description function in ffserver.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (crash) via vectors related to the rtp format.

2.6

CVE-2012-6618

Exploit
  • EPSS 1.05%
  • Veröffentlicht 24.12.2013 20:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related to frame size or lack...

5

CVE-2013-4358

  • EPSS 0.47%
  • Veröffentlicht 24.12.2013 19:55:06
  • Zuletzt bearbeitet 11.04.2025 00:51:21

libavcodec/h264.c in FFmpeg before 0.11.4 allows remote attackers to cause a denial of service (crash) via vectors related to alternating bit depths in H.264 data.