| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-4639 | 4.3 |
The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) via a crafted AVI file that triggers a divide-by-zero error.
|
26-10-2011 - 02:44 | 10-02-2010 - 02:30 | |
| CVE-2009-4640 | 4.3 |
Array index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read.
|
26-10-2011 - 02:44 | 10-02-2010 - 02:30 | |
| CVE-2009-4633 | 10.0 |
vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and tr
|
26-10-2011 - 02:44 | 10-02-2010 - 02:30 | |
| CVE-2009-4636 | 4.3 |
FFmpeg 0.5 allows remote attackers to cause a denial of service (hang) via a crafted file that triggers an infinite loop.
|
26-10-2011 - 02:44 | 10-02-2010 - 02:30 | |
| CVE-2009-4635 | 9.3 |
FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause (1) mov.c and (2) utils.c to use inconsistent codec types and identifiers, leading
|
26-10-2011 - 02:44 | 10-02-2010 - 02:30 | |
| CVE-2009-4634 | 10.0 |
Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that (1) bypasses a validation check in vorbis_dec.c and triggers a wraparound of the stack pointer,
|
26-10-2011 - 02:44 | 10-02-2010 - 02:30 | |
| CVE-2009-4632 | 5.8 |
oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read.
|
26-10-2011 - 02:44 | 10-02-2010 - 02:30 | |
| CVE-2009-4637 | 10.0 |
FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a stack-based buffer overflow.
|
20-05-2010 - 05:46 | 10-02-2010 - 02:30 | |
| CVE-2009-4631 | 9.3 |
Off-by-one error in the VP3 decoder (vp3.c) in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file that triggers an out-of-bounds read and possibly memory corruption.
|
04-05-2010 - 05:48 | 10-02-2010 - 02:30 | |
| CVE-2009-4638 | 4.3 |
Integer overflow in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
|
04-05-2010 - 05:48 | 10-02-2010 - 02:30 |