Shodan
Vulnerabilities
Vulnerable Software
Ffmpeg:  >> Ffmpeg  >> 0.10.1  Security Vulnerabilities
CVE-2014-2099
The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before 2.1.4 does not properly calculate line sizes, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Microsoft RLE video data.
CVSS Score
6.8
EPSS Score
0.004
Published
2014-03-02
CVE-2014-2263
The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) muxer (libavformat/mpegtsenc.c) in FFmpeg, possibly 2.1 and earlier, allows remote attackers to have unspecified impact and vectors, which trigger an out-of-bounds write.
CVSS Score
6.8
EPSS Score
0.011
Published
2014-03-01
CVE-2012-6615
The ff_ass_split_override_codes function in libavcodec/ass_split.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a subtitle dialog without text.
CVSS Score
4.3
EPSS Score
0.008
Published
2013-12-24
CVE-2012-6616
The mov_text_decode_frame function in libavcodec/movtextdec.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via crafted 3GPP TS 26.245 data.
CVSS Score
5.0
EPSS Score
0.008
Published
2013-12-24
CVE-2012-6617
The prepare_sdp_description function in ffserver.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (crash) via vectors related to the rtp format.
CVSS Score
4.3
EPSS Score
0.006
Published
2013-12-24
CVE-2012-6618
The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related to frame size or lack of sufficient "frames to estimate rate."
CVSS Score
2.6
EPSS Score
0.01
Published
2013-12-24
CVE-2013-4358
libavcodec/h264.c in FFmpeg before 0.11.4 allows remote attackers to cause a denial of service (crash) via vectors related to alternating bit depths in H.264 data.
CVSS Score
5.0
EPSS Score
0.005
Published
2013-12-24
CVE-2013-7021
The filter_frame function in libavfilter/vf_fps.c in FFmpeg before 2.1 does not properly ensure the availability of FIFO content, which allows remote attackers to cause a denial of service (double free) or possibly have unspecified other impact via crafted data.
CVSS Score
6.8
EPSS Score
0.014
Published
2013-12-09
CVE-2013-7022
The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 does not properly allocate memory for tiles, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Go2Webinar data.
CVSS Score
6.8
EPSS Score
0.013
Published
2013-12-09
CVE-2013-7023
The ff_combine_frame function in libavcodec/parser.c in FFmpeg before 2.1 does not properly handle certain memory-allocation errors, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data.
CVSS Score
6.8
EPSS Score
0.01
Published
2013-12-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved