Exploit the possiblities
Showing 1 - 4 of 4 RSS Feed

CVE-2013-0860

Status Candidate

Overview

The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a frame is fully initialized, which allows remote attackers to trigger a NULL pointer dereference via crafted picture data.

Related Files

Gentoo Linux Security Advisory 201603-06
Posted Mar 14, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201603-6 - Multiple vulnerabilities have been found in FFmpeg, the worst of which could lead to arbitrary code execution or Denial of Service condition. Versions less than 2.6.3 are affected.

tags | advisory, denial of service, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2013-0860, CVE-2013-0861, CVE-2013-0862, CVE-2013-0863, CVE-2013-0864, CVE-2013-0865, CVE-2013-0866, CVE-2013-0867, CVE-2013-0868, CVE-2013-0872, CVE-2013-0873, CVE-2013-0874, CVE-2013-0875, CVE-2013-0876, CVE-2013-0877, CVE-2013-0878, CVE-2013-4263, CVE-2013-4264, CVE-2013-4265, CVE-2013-7008, CVE-2013-7009, CVE-2013-7010, CVE-2013-7011, CVE-2013-7012, CVE-2013-7013, CVE-2013-7014, CVE-2013-7015, CVE-2013-7016
MD5 | 5d3655141a12f2cae1b43103b36dfeec
Gentoo Linux Security Advisory 201502-08
Posted Feb 9, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201502-8 - Multiple vulnerabilities have been found in Libav, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less than 9.17 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-3934, CVE-2011-3935, CVE-2011-3946, CVE-2013-0848, CVE-2013-0851, CVE-2013-0852, CVE-2013-0860, CVE-2013-0868, CVE-2013-3672, CVE-2013-3674, CVE-2014-4609
MD5 | ae166207a2c30281785e22b2989d13a8
Mandriva Linux Security Advisory 2014-227
Posted Nov 25, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-227 - The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted width in huffyuv data with the predictor set to median and the colorspace set to YUV422P, which triggers an out-of-bounds array access. The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array access. The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a frame is fully initialized, which allows remote attackers to trigger a NULL pointer dereference via crafted picture data. The mm_decode_inter function in mmvideo.c in libavcodec in FFmpeg before 1.2.1 does not validate the relationship between a horizontal coordinate and a width value, which allows remote attackers to cause a denial of service via crafted American Laser Games MM Video data. The cdg_decode_frame function in cdgraphics.c in libavcodec in FFmpeg before 1.2.1 does not validate the presence of non-header data in a buffer, which allows remote attackers to cause a denial of service via crafted CD Graphics Video data. The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not properly enforce certain bit-count and colorspace constraints, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted FFV1 data. The updated packages have been upgraded to the 0.10.15 version which is not vulnerable to these issues.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2013-0848, CVE-2013-0852, CVE-2013-0860, CVE-2013-3672, CVE-2013-3674, CVE-2013-7020
MD5 | 10760604983c360d311339c688d6beb2
Debian Security Advisory 3003-1
Posted Aug 11, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3003-1 - Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.

tags | advisory
systems | linux, debian
advisories | CVE-2011-3934, CVE-2011-3935, CVE-2011-3946, CVE-2013-0848, CVE-2013-0851, CVE-2013-0852, CVE-2013-0860, CVE-2013-0868, CVE-2013-3672, CVE-2013-3674, CVE-2014-2263
MD5 | 328a710f725452ddfda18812bd743877
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    42 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close