CVE search results

1 – 10 of 18 results

Detailed view

Sort by:

CVE-2010-3429

Medium priority

Some fixes available 4 of 7

flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."

2 affected packages

ffmpeg, ffmpeg-debian

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ffmpeg	—	—	—	—	—
ffmpeg-debian	—	—	—	—	—

CVE-2009-4638

Medium priority

Ignored

Integer overflow in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.

2 affected packages

ffmpeg, ffmpeg-debian

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ffmpeg	—	—	—	—	—
ffmpeg-debian	—	—	—	—	—

CVE-2009-4636

Low priority

Ignored

FFmpeg 0.5 allows remote attackers to cause a denial of service (hang) via a crafted file that triggers an infinite loop.

2 affected packages

ffmpeg, ffmpeg-debian

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ffmpeg	—	—	—	—	—
ffmpeg-debian	—	—	—	—	—

CVE-2009-4631

Low priority

Ignored

Off-by-one error in the VP3 decoder (vp3.c) in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file that triggers an out-of-bounds read and possibly memory corruption.

2 affected packages

ffmpeg, ffmpeg-debian

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ffmpeg	—	—	—	—	—
ffmpeg-debian	—	—	—	—	—

CVE-2009-4640

Low priority

Some fixes available 4 of 7

Array index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read.

2 affected packages

ffmpeg, ffmpeg-debian

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ffmpeg	—	—	—	—	—
ffmpeg-debian	—	—	—	—	—

CVE-2009-4639

Low priority

Some fixes available 4 of 7

The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) via a crafted AVI file that triggers a divide-by-zero error.

2 affected packages

ffmpeg, ffmpeg-debian

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ffmpeg	—	—	—	—	—
ffmpeg-debian	—	—	—	—	—

CVE-2009-4637

Low priority

Some fixes available 4 of 7

FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a stack-based buffer overflow.

2 affected packages

ffmpeg, ffmpeg-debian

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ffmpeg	—	—	—	—	—
ffmpeg-debian	—	—	—	—	—

CVE-2009-4635

Low priority

Ignored

FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause (1) mov.c and (2) utils.c to use inconsistent codec types and...

2 affected packages

ffmpeg, ffmpeg-debian

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ffmpeg	—	—	—	—	—
ffmpeg-debian	—	—	—	—	—

CVE-2009-4634

Medium priority

Some fixes available 4 of 7

Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that (1) bypasses a validation check in vorbis_dec.c and triggers a wraparound of...

2 affected packages

ffmpeg, ffmpeg-debian

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ffmpeg	—	—	—	—	—
ffmpeg-debian	—	—	—	—	—

CVE-2009-4633

Medium priority

Some fixes available 4 of 7

vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a...

2 affected packages

ffmpeg, ffmpeg-debian

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ffmpeg	—	—	—	—	—
ffmpeg-debian	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports