Ffmpeg : Security Vulnerabilities, CVEs,
The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related to frame size or lack of sufficient "frames to estimate rate."
Max CVSS
2.6
EPSS Score
1.60%
Published
2013-12-24
Updated
2014-02-21
Heap-based buffer overflow in the MPV_frame_start function in libavcodec/mpegvideo.c in FFmpeg before 0.9.1, when the lowres option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted H263 media file. NOTE: this vulnerability exists because of a regression error.
Max CVSS
2.6
EPSS Score
1.17%
Published
2012-08-20
Updated
2018-10-30
The ffmpeg lavf demuxer allows user-assisted attackers to cause a denial of service (application crash) via a crafted GIF file, possibly related to gstreamer, as demonstrated by lol-giftopnm.gif.
Max CVSS
1.9
EPSS Score
0.20%
Published
2008-07-18
Updated
2017-08-08
3 vulnerabilities found