exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

CVE-2013-0852

Status Candidate

Overview

The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array access.

Related Files

Gentoo Linux Security Advisory 201502-08
Posted Feb 9, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201502-8 - Multiple vulnerabilities have been found in Libav, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less than 9.17 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-3934, CVE-2011-3935, CVE-2011-3946, CVE-2013-0848, CVE-2013-0851, CVE-2013-0852, CVE-2013-0860, CVE-2013-0868, CVE-2013-3672, CVE-2013-3674, CVE-2014-4609
SHA-256 | 8b25111daeecad86d923dea6ab62f2ab11b37e8fde0d7e62cded8470639bf721
Mandriva Linux Security Advisory 2014-227
Posted Nov 25, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-227 - The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted width in huffyuv data with the predictor set to median and the colorspace set to YUV422P, which triggers an out-of-bounds array access. The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array access. The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a frame is fully initialized, which allows remote attackers to trigger a NULL pointer dereference via crafted picture data. The mm_decode_inter function in mmvideo.c in libavcodec in FFmpeg before 1.2.1 does not validate the relationship between a horizontal coordinate and a width value, which allows remote attackers to cause a denial of service via crafted American Laser Games MM Video data. The cdg_decode_frame function in cdgraphics.c in libavcodec in FFmpeg before 1.2.1 does not validate the presence of non-header data in a buffer, which allows remote attackers to cause a denial of service via crafted CD Graphics Video data. The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not properly enforce certain bit-count and colorspace constraints, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted FFV1 data. The updated packages have been upgraded to the 0.10.15 version which is not vulnerable to these issues.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2013-0848, CVE-2013-0852, CVE-2013-0860, CVE-2013-3672, CVE-2013-3674, CVE-2013-7020
SHA-256 | cf41dc584dc8f69da805e217d05ba3652ca3aa212448252fb3fd5fc8f26c4777
Debian Security Advisory 3003-1
Posted Aug 11, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3003-1 - Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.

tags | advisory
systems | linux, debian
advisories | CVE-2011-3934, CVE-2011-3935, CVE-2011-3946, CVE-2013-0848, CVE-2013-0851, CVE-2013-0852, CVE-2013-0860, CVE-2013-0868, CVE-2013-3672, CVE-2013-3674, CVE-2014-2263
SHA-256 | 70339fe9c5d5fd5a410f2b3dabbca2412936ecc78d144f4d00c4a0c1f5267955
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close