ffmpeg2.8

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Unknown
Version Removed

Open

Group Affected Fixed Severity Status Ticket
AVG-406 2.8.13-3 Low Unknown
Issue Group Severity Remote Type Description
CVE-2017-14223 AVG-406 Low No Denial of service
In libavformat/asfdec_f.c in FFmpeg 3.3.3, a DoS in asf_build_simple_index() due to lack of an EOF (End of File) check might cause huge CPU consumption....
CVE-2017-14222 AVG-406 Low No Denial of service
In libavformat/mov.c in FFmpeg 3.3.3, a DoS in read_tfra() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a...

Resolved

Group Affected Fixed Severity Status Ticket
AVG-407 2.8.13-1 Low Not affected
AVG-405 2.8.12-1 2.8.13-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2017-14225 AVG-405 Low No Denial of service
The av_color_primaries_name function in libavutil/pixdesc.c in FFmpeg 3.3.3 may return a NULL pointer depending on a value contained in a file, but callers...
CVE-2017-14171 AVG-405 Low No Denial of service
In libavformat/nsvdec.c in FFmpeg 3.3.3, a DoS in nsv_parse_NSVf_header() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a...
CVE-2017-14170 AVG-405 Low No Denial of service
In libavformat/mxfdec.c in FFmpeg 3.3.3, a DoS in mxf_read_index_entry_array() due to lack of an EOF (End of File) check might cause huge CPU consumption....
CVE-2017-14169 AVG-405 Low No Denial of service
In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg 3.3.3, an integer signedness error might occur when a crafted file, which claims a...
CVE-2017-14059 AVG-405 Low No Denial of service
In FFmpeg 3.3.3, a DoS in cine_read_header() due to lack of an EOF check might cause huge CPU and memory consumption. When a crafted CINE file, which claims...
CVE-2017-14058 AVG-405 Medium Yes Denial of service
In FFmpeg 3.3.3, the read_data function in libavformat/hls.c does not restrict reload attempts for an insufficient list, which allows remote attackers to...
CVE-2017-14057 AVG-405 Low No Denial of service
In FFmpeg 3.3.3, a DoS in asf_read_marker() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted ASF file,...
CVE-2017-14056 AVG-405 Low No Denial of service
In libavformat/rl2.c in FFmpeg 3.3.3, a DoS in rl2_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When...
CVE-2017-14055 AVG-405 Low No Denial of service
In libavformat/mvdec.c in FFmpeg 3.3.3, a DoS in mv_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption....
CVE-2017-14054 AVG-407 Low No Denial of service
In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivr_read_header() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a...

Advisories

Date Advisory Group Severity Type
28 Sep 2017 ASA-201709-23 AVG-405 Medium denial of service