Summary
| Detail | |||
|---|---|---|---|
| Vendor | Libav | First view | 2011-07-07 |
| Product | Libav | Last view | 2020-01-14 |
| Version | 0.6 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:libav:libav | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 8.8 | 2020-01-14 | CVE-2014-4609 | Integer overflow in the get_len function in libavutil/lzo.c in Libav before 0.8.13, 9.x before 9.14, and 10.x before 10.2 allows remote attackers to execute arbitrary code via a crafted Literal Run. |
| 6.5 | 2019-09-19 | CVE-2019-9720 | A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. |
| 8.8 | 2019-09-19 | CVE-2019-9719 | ** DISPUTED ** A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability because “no evidence of a vulnerability is provided†and only “a generic warning from a static code analysis†is provided. |
| 6.5 | 2019-09-19 | CVE-2019-9717 | In Libav 12.3, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c has a complex format argument to sscanf. |
| 8.8 | 2018-01-18 | CVE-2018-5766 | In Libav through 12.2, there is an invalid memcpy in the av_packet_ref function of libavcodec/avpacket.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted avi file. |
| 8.8 | 2018-01-13 | CVE-2018-5684 | In Libav through 12.2, there is an invalid memcpy call in the ff_mov_read_stsd_entries function of libavformat/mov.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) and program failure with a crafted avi file. |
| 7.5 | 2017-11-13 | CVE-2017-16803 | In Libav through 11.11 and 12.x through 12.1, the smacker_decode_tree function in libavcodec/smacker.c does not properly restrict tree recursion, which allows remote attackers to cause a denial of service (bitstream.c:build_table() out-of-bounds read and application crash) via a crafted Smacker stream. |
| 9.8 | 2017-05-18 | CVE-2017-9051 | libav before 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavformat/nsvdec.c. |
| 5.5 | 2017-02-15 | CVE-2016-8676 | The get_vlc2 function in get_bits.h in Libav 11.9 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted mp3 file. NOTE: this issue exists due to an incomplete fix for CVE-2016-8675. |
| 5.5 | 2017-02-15 | CVE-2016-8675 | The get_vlc2 function in get_bits.h in Libav before 11.9 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted mp3 file, possibly related to startcode sequences during m4v detection. |
| 5.5 | 2017-02-15 | CVE-2016-7393 | Stack-based buffer overflow in the aac_sync function in aac_parser.c in Libav before 11.5 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. |
| 5.5 | 2017-02-15 | CVE-2016-6832 | Heap-based buffer overflow in the ff_audio_resample function in resample.c in libav before 11.4 allows remote attackers to cause a denial of service (crash) via vectors related to buffer resizing. |
| 5.5 | 2016-10-07 | CVE-2016-7424 | The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav 11.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted MP3 file. |
| 8.8 | 2016-06-16 | CVE-2016-3062 | The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file. |
| 6.5 | 2016-04-19 | CVE-2015-5479 | The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with crafted dimensions. |
| 6.8 | 2015-06-16 | CVE-2015-3395 | The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access. |
| 7.5 | 2014-11-03 | CVE-2014-5271 | Heap-based buffer overflow in the encode_slice function in libavcodec/proresenc_kostya.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.x before 2.2.7, and 2.3.x before 2.3.3 and Libav before 10.5 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors. |
| 10 | 2014-06-06 | CVE-2014-3984 | Multiple unspecified vulnerabilities in Libav before 0.8.12 allow remote attackers to have unknown impact and vectors. |
| 10 | 2013-01-04 | CVE-2011-3937 | The H.263 codec (libavcodec/h263dec.c) in FFmpeg 0.7.x before 0.7.12, 0.8.x before 0.8.11, and unspecified versions before 0.10, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 has unspecified impact and attack vectors related to "width/height changing with frame threads." |
| 6.8 | 2012-08-20 | CVE-2012-0947 | Heap-based buffer overflow in the vqa_decode_chunk function in the VQA codec (vqavideo.c) in libavcodec in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VQA media file in which the image size is not a multiple of the block size. |
| 6.8 | 2012-08-20 | CVE-2012-0858 | The Shorten codec (shorten.c) in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Shorten file, related to an "invalid free". |
| 6.8 | 2012-08-20 | CVE-2012-0853 | The decodeTonalComponents function in the Actrac3 codec (atrac3.c) in libavcodec in FFmpeg 0.7.x before 0.7.12, and 0.8.x before 0.8.11; and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (infinite loop and crash) and possibly execute arbitrary code via a large component count in an Atrac 3 file. |
| 6.8 | 2012-08-20 | CVE-2012-0852 | The adpcm_decode_frame function in adpcm.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an ADPCM file with the number of channels not equal to two. |
| 6.8 | 2012-08-20 | CVE-2012-0851 | The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted H.264 file, related to the chroma_format_idc value. |
| 4.3 | 2012-08-20 | CVE-2011-4579 | The svq1_decode_frame function in the SVQ1 decoder (svq1dec.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (memory corruption) via a crafted SVQ1 stream, related to "dimensions changed." |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 54% (19) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 11% (4) | CWE-476 | NULL Pointer Dereference |
| 8% (3) | CWE-189 | Numeric Errors |
| 8% (3) | CWE-20 | Improper Input Validation |
| 5% (2) | CWE-787 | Out-of-bounds Write |
| 2% (1) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 2% (1) | CWE-399 | Resource Management Errors |
| 2% (1) | CWE-190 | Integer Overflow or Wraparound |
| 2% (1) | CWE-125 | Out-of-bounds Read |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 78300 | FFmpeg libavcodec/svq1dec.c svq1_decode_frame() Function File Handling Memory... |
| 78090 | FFmpeg libavcodec vmd_decode() Function Frame Dimension Offset Parsing Remote... |
| 77291 | FFmpeg Multiple Function Out-of-bounds Read Remote DoS |
| 77290 | FFmpeg libavcodec/vp3.c vp3_dequant() Function Unspecified Remote Overflow |
| 74926 | ffmpeg libavcodec/cavsdec.c Multiple Function Signedness Error CAVS File Hand... |
| 72577 | FFmpeg LibAVCodec Sunplus JPEG Decoder AMV File Handling Arbitrary Code Execu... |
OpenVAS Exploits
| id | Description |
|---|---|
| 2013-09-18 | Name : Debian Security Advisory DSA 2471-1 (ffmpeg - several vulnerabilities) File : nvt/deb_2471_1.nasl |
| 2012-10-22 | Name : Gentoo Security Advisory GLSA 201210-06 (libav) File : nvt/glsa_201210_06.nasl |
| 2012-08-10 | Name : Debian Security Advisory DSA 2494-1 (ffmpeg) File : nvt/deb_2494_1.nasl |
| 2012-08-03 | Name : Mandriva Update for ffmpeg MDVSA-2012:075 (ffmpeg) File : nvt/gb_mandriva_MDVSA_2012_075.nasl |
| 2012-08-03 | Name : Mandriva Update for ffmpeg MDVSA-2012:076 (ffmpeg) File : nvt/gb_mandriva_MDVSA_2012_076.nasl |
| 2012-06-19 | Name : Ubuntu Update for libav USN-1478-1 File : nvt/gb_ubuntu_USN_1478_1.nasl |
| 2012-06-19 | Name : Ubuntu Update for ffmpeg USN-1479-1 File : nvt/gb_ubuntu_USN_1479_1.nasl |
| 2012-02-12 | Name : FreeBSD Ports: ffmpeg File : nvt/freebsd_ffmpeg1.nasl |
| 2012-02-11 | Name : Debian Security Advisory DSA 2336-1 (ffmpeg) File : nvt/deb_2336_1.nasl |
| 2012-02-11 | Name : Debian Security Advisory DSA 2378-1 (ffmpeg) File : nvt/deb_2378_1.nasl |
| 2012-01-20 | Name : Ubuntu Update for libav USN-1333-1 File : nvt/gb_ubuntu_USN_1333_1.nasl |
| 2012-01-09 | Name : Ubuntu Update for ffmpeg USN-1320-1 File : nvt/gb_ubuntu_USN_1320_1.nasl |
| 2011-09-23 | Name : Ubuntu Update for ffmpeg USN-1209-1 File : nvt/gb_ubuntu_USN_1209_1.nasl |
| 2011-09-23 | Name : Ubuntu Update for libav USN-1209-2 File : nvt/gb_ubuntu_USN_1209_2.nasl |
| 2011-07-14 | Name : VLC Media Player 'AMV' Denial of Service Vulnerability (Linux) File : nvt/gb_vlc_media_player_amv_dos_vuln_lin.nasl |
| 2011-07-14 | Name : VLC Media Player 'AMV' Denial of Service Vulnerability (Windows) File : nvt/gb_vlc_media_player_amv_dos_vuln_win.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2016-03-14 | libav LZO integer overflow attempt RuleID : 36565 - Type : FILE-MULTIMEDIA - Revision : 3 |
| 2016-03-14 | libav LZO integer overflow attempt RuleID : 36564 - Type : FILE-MULTIMEDIA - Revision : 3 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-11-27 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201811-19.nasl - Type: ACT_GATHER_INFO |
| 2018-02-20 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4119.nasl - Type: ACT_GATHER_INFO |
| 2017-05-10 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201705-08.nasl - Type: ACT_GATHER_INFO |
| 2017-01-13 | Name: The remote Debian host is missing a security update. File: debian_DLA-780.nasl - Type: ACT_GATHER_INFO |
| 2016-10-05 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-3685.nasl - Type: ACT_GATHER_INFO |
| 2016-10-05 | Name: The remote Debian host is missing a security update. File: debian_DLA-644.nasl - Type: ACT_GATHER_INFO |
| 2016-06-28 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2016-779.nasl - Type: ACT_GATHER_INFO |
| 2016-06-15 | Name: The remote Debian host is missing a security update. File: debian_DLA-515.nasl - Type: ACT_GATHER_INFO |
| 2016-06-15 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-3603.nasl - Type: ACT_GATHER_INFO |
| 2016-04-05 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-2944-1.nasl - Type: ACT_GATHER_INFO |
| 2016-03-14 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201603-06.nasl - Type: ACT_GATHER_INFO |
| 2015-09-02 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_80c66af0d1c5449ebd3163b12525ff88.nasl - Type: ACT_GATHER_INFO |
| 2015-07-17 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_a928960a2bdc11e586ff14dae9d210b8.nasl - Type: ACT_GATHER_INFO |
| 2015-06-15 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-3288.nasl - Type: ACT_GATHER_INFO |
| 2015-06-02 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_65b14d39d01f419cb0b85df60b929973.nasl - Type: ACT_GATHER_INFO |
| 2015-03-31 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2015-173.nasl - Type: ACT_GATHER_INFO |
| 2015-02-09 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201502-08.nasl - Type: ACT_GATHER_INFO |
| 2014-07-14 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-2977.nasl - Type: ACT_GATHER_INFO |
| 2014-07-10 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2014-129.nasl - Type: ACT_GATHER_INFO |
| 2014-06-12 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-2244-1.nasl - Type: ACT_GATHER_INFO |
| 2013-10-27 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201310-12.nasl - Type: ACT_GATHER_INFO |
| 2013-08-21 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_4d087b35099011e3a9f4bcaec565249c.nasl - Type: ACT_GATHER_INFO |
| 2013-04-20 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2013-079.nasl - Type: ACT_GATHER_INFO |
| 2013-02-18 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-2624.nasl - Type: ACT_GATHER_INFO |
| 2012-10-22 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201210-06.nasl - Type: ACT_GATHER_INFO |
