Ffmpeg

Ffmpeg

489 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2010-3429

  • EPSS 4.99%
  • Veröffentlicht 30.09.2010 15:00:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."

9.3

CVE-2009-4631

Exploit
  • EPSS 3.6%
  • Veröffentlicht 10.02.2010 02:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Off-by-one error in the VP3 decoder (vp3.c) in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file that triggers an out-of-bounds read and possibly memory corruption.

5.8

CVE-2009-4632

Exploit
  • EPSS 3.48%
  • Veröffentlicht 10.02.2010 02:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read.

10

CVE-2009-4633

Exploit
  • EPSS 6.79%
  • Veröffentlicht 10.02.2010 02:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and tr...

10

CVE-2009-4634

Exploit
  • EPSS 5.99%
  • Veröffentlicht 10.02.2010 02:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that (1) bypasses a validation check in vorbis_dec.c and triggers a wraparound of the stack pointer, ...

9.3

CVE-2009-4635

Exploit
  • EPSS 9.71%
  • Veröffentlicht 10.02.2010 02:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause (1) mov.c and (2) utils.c to use inconsistent codec types and identifiers, leading...

4.3

CVE-2009-4636

Exploit
  • EPSS 3.18%
  • Veröffentlicht 10.02.2010 02:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

FFmpeg 0.5 allows remote attackers to cause a denial of service (hang) via a crafted file that triggers an infinite loop.

10

CVE-2009-4637

Exploit
  • EPSS 33.81%
  • Veröffentlicht 10.02.2010 02:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a stack-based buffer overflow.

4.3

CVE-2009-4638

Exploit
  • EPSS 2.71%
  • Veröffentlicht 10.02.2010 02:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer overflow in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.

4.3

CVE-2009-4639

Exploit
  • EPSS 4.12%
  • Veröffentlicht 10.02.2010 02:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) via a crafted AVI file that triggers a divide-by-zero error.