Ffmpeg

Ffmpeg

485 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2011-2160

  • EPSS 0.75%
  • Veröffentlicht 20.05.2011 22:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-201...

6.8

CVE-2010-3908

  • EPSS 2.3%
  • Veröffentlicht 20.05.2011 22:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file.

6.8

CVE-2011-0722

  • EPSS 0.88%
  • Veröffentlicht 20.05.2011 22:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a malformed RealMedia file.

6.8

CVE-2011-0723

  • EPSS 1.01%
  • Veröffentlicht 20.05.2011 22:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

FFmpeg 0.5.x, as used in MPlayer and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed VC-1 file.

4.3

CVE-2010-4704

Exploit
  • EPSS 4.12%
  • Veröffentlicht 22.01.2011 22:00:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted .ogg file, related to the vorbis_floor0_decode function. NOTE: this might overlap CVE-20...

9.3

CVE-2010-4705

  • EPSS 0.49%
  • Veröffentlicht 22.01.2011 22:00:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer overflow in the vorbis_residue_decode_internal function in libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg, possibly 0.6, has unspecified impact and remote attack vectors, related to the sizes of certain integer data types. NOTE: thi...

6.8

CVE-2010-3429

  • EPSS 4.99%
  • Veröffentlicht 30.09.2010 15:00:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."

9.3

CVE-2009-4631

Exploit
  • EPSS 3.6%
  • Veröffentlicht 10.02.2010 02:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Off-by-one error in the VP3 decoder (vp3.c) in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file that triggers an out-of-bounds read and possibly memory corruption.

5.8

CVE-2009-4632

Exploit
  • EPSS 3.48%
  • Veröffentlicht 10.02.2010 02:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read.

10

CVE-2009-4633

Exploit
  • EPSS 6.79%
  • Veröffentlicht 10.02.2010 02:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and tr...