Shodan
Vulnerabilities
Vulnerable Software
Ffmpeg:  >> Ffmpeg  Security Vulnerabilities
CVE-2011-4351
Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before 0.7.8, and 0.8.x before 0.8.8 allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.028
Published
2013-12-09
CVE-2011-3950
The dirac_decode_data_unit function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via a crafted value in the reference pictures number.
CVSS Score
6.8
EPSS Score
0.006
Published
2013-12-09
CVE-2011-3949
The dirac_unpack_idwt_params function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Dirac data.
CVSS Score
6.8
EPSS Score
0.006
Published
2013-12-09
CVE-2011-3946
The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Supplemental enhancement information (SEI) data, which triggers an infinite loop.
CVSS Score
6.8
EPSS Score
0.006
Published
2013-12-09
CVE-2011-3944
The smacker_decode_header_tree function in libavcodec/smacker.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Smacker data.
CVSS Score
6.8
EPSS Score
0.007
Published
2013-12-09
CVE-2011-3941
The decode_mb function in libavcodec/error_resilience.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via vectors related to an uninitialized block index, which triggers an out-of-bounds write.
CVSS Score
7.5
EPSS Score
0.006
Published
2013-12-09
CVE-2011-3935
The codec_get_buffer function in ffmpeg.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via vectors related to a crafted image size.
CVSS Score
6.8
EPSS Score
0.006
Published
2013-12-09
CVE-2011-3934
Double free vulnerability in the vp3_update_thread_context function in libavcodec/vp3.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted vp3 data.
CVSS Score
6.8
EPSS Score
0.006
Published
2013-12-09
CVE-2013-0859
The add_doubles_metadata function in libavcodec/tiff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a negative or zero count value in a TIFF image, which triggers an out-of-bounds array access.
CVSS Score
9.3
EPSS Score
0.005
Published
2013-12-07
CVE-2013-0844
Off-by-one error in the adpcm_decode_frame function in libavcodec/adpcm.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via crafted DK4 data, which triggers an out-of-bounds array access.
CVSS Score
9.3
EPSS Score
0.008
Published
2013-12-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved