VulnerableCode Package Details - pkg:deb/ubuntu/libav@6:9.18-0ubuntu0.14.04.1

Search for packages

Vulnerability	Summary	Fixed by
VCID-v438-fbd1-aaaj Aliases: CVE-2014-7933	Use-after-free vulnerability in the matroska_read_seek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers improper maintenance of tracks data.	6:9.20-0ubuntu0.14.04.1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-v438-fbd1-aaaj
Aliases:
CVE-2014-7933

Use-after-free vulnerability in the matroska_read_seek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers improper maintenance of tracks data.

6:9.20-0ubuntu0.14.04.1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-2ut6-x9bk-aaas	libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted MM video data.	CVE-2014-8543
VCID-3tb5-cz2m-aaad	libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate bits-per-pixel fields, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted TIFF data.	CVE-2014-8544
VCID-8se2-jdth-aaaj	libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1) restore_median and (2) restore_median_il functions.	CVE-2014-9604
VCID-9q4u-vc5g-aaac	libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute image heights, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted GIF data.	CVE-2014-8547
VCID-9z3v-fyrt-aaab	libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID during enforcement of alignment, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted JV data.	CVE-2014-8542
VCID-h7zx-7n98-aaap	Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted Quicktime Graphics (aka SMC) video data.	CVE-2014-8548

Vulnerability

Summary

Aliases

VCID-2ut6-x9bk-aaas

libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted MM video data.

CVE-2014-8543

VCID-3tb5-cz2m-aaad

libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate bits-per-pixel fields, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted TIFF data.

CVE-2014-8544

VCID-8se2-jdth-aaaj

libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1) restore_median and (2) restore_median_il functions.

CVE-2014-9604

VCID-9q4u-vc5g-aaac

libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute image heights, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted GIF data.

CVE-2014-8547

VCID-9z3v-fyrt-aaab

libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID during enforcement of alignment, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted JV data.

CVE-2014-8542

VCID-h7zx-7n98-aaap

Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted Quicktime Graphics (aka SMC) video data.

CVE-2014-8548

Next non-vulnerable version	6:9.20-0ubuntu0.14.04.1
Latest non-vulnerable version	6:9.20-0ubuntu0.14.04.1
Risk	4.0