| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-14169 | 6.8 |
In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg 3.3.3 -> 2.4, an integer signedness error might occur when a crafted file, which claims a large "item_num" field such as 0xffffffff, is provided. As a result, the variable "item_n
|
04-01-2021 - 20:15 | 07-09-2017 - 06:29 | |
| CVE-2017-14223 | 7.1 |
In libavformat/asfdec_f.c in FFmpeg 3.3.3, a DoS in asf_build_simple_index() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted ASF file, which claims a large "ict" field in the header but does not contain suff
|
05-03-2019 - 17:55 | 09-09-2017 - 01:29 | |
| CVE-2014-8542 | 7.5 |
libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID during enforcement of alignment, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted JV data.
|
05-03-2019 - 17:53 | 05-11-2014 - 11:55 | |
| CVE-2017-7865 | 7.5 |
FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c.
|
05-03-2019 - 17:00 | 14-04-2017 - 04:59 | |
| CVE-2017-7863 | 7.5 |
FFmpeg before 2017-02-04 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame_common function in libavcodec/pngdec.c.
|
04-03-2019 - 21:12 | 14-04-2017 - 04:59 | |
| CVE-2015-1207 | 4.3 |
Double-free vulnerability in libavformat/mov.c in FFMPEG in Google Chrome 41.0.2251.0 allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted .m4a file.
|
04-03-2019 - 19:21 | 06-06-2017 - 18:29 |