Ffmpeg : Security Vulnerabilities, CVEs, CVSS score between 2 and 2.99
The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related to frame size or lack of sufficient "frames to estimate rate."
Max CVSS
2.6
EPSS Score
1.60%
Published
2013-12-24
Updated
2014-02-21
Heap-based buffer overflow in the MPV_frame_start function in libavcodec/mpegvideo.c in FFmpeg before 0.9.1, when the lowres option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted H263 media file. NOTE: this vulnerability exists because of a regression error.
Max CVSS
2.6
EPSS Score
1.17%
Published
2012-08-20
Updated
2018-10-30
2 vulnerabilities found