Libav

Libav

108 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2017-18243

  • EPSS 0.35%
  • Veröffentlicht 22.03.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:39

The unpack_parse_unit function in libavcodec/dirac_parser.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault) via a crafted file.

6.5

CVE-2017-18244

  • EPSS 0.65%
  • Veröffentlicht 22.03.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:40

The stereo_processing function in libavcodec/aacps.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file, related to ff_ps_apply.

8.8

CVE-2018-5766

Exploit
  • EPSS 0.77%
  • Veröffentlicht 18.01.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:21

In Libav through 12.2, there is an invalid memcpy in the av_packet_ref function of libavcodec/avpacket.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted avi file.

8.8

CVE-2018-5684

Exploit
  • EPSS 0.44%
  • Veröffentlicht 14.01.2018 02:29:05
  • Zuletzt bearbeitet 21.11.2024 04:09:09

In Libav through 12.2, there is an invalid memcpy call in the ff_mov_read_stsd_entries function of libavformat/mov.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) and program failure with a craf...

6.5

CVE-2017-1000460

Exploit
  • EPSS 0.22%
  • Veröffentlicht 03.01.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:04:46

In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exceptio...

6.5

CVE-2017-17127

Exploit
  • EPSS 0.4%
  • Veröffentlicht 04.12.2017 08:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The vc1_decode_frame function in libavcodec/vc1dec.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.

6.5

CVE-2017-17128

Exploit
  • EPSS 0.35%
  • Veröffentlicht 04.12.2017 08:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The h264_slice_init function in libavcodec/h264_slice.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted file.

8.8

CVE-2017-17129

Exploit
  • EPSS 0.37%
  • Veröffentlicht 04.12.2017 08:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact via a crafted file.

8.8

CVE-2017-17130

Exploit
  • EPSS 0.48%
  • Veröffentlicht 04.12.2017 08:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The ff_free_picture_tables function in libavcodec/mpegpicture.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, relate...

7.5

CVE-2017-16803

  • EPSS 0.68%
  • Veröffentlicht 13.11.2017 17:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Libav through 11.11 and 12.x through 12.1, the smacker_decode_tree function in libavcodec/smacker.c does not properly restrict tree recursion, which allows remote attackers to cause a denial of service (bitstream.c:build_table() out-of-bounds read...