Lian Yihan

#10530of 53,633
26.3Total CVSS
Vulnerabilities · 4
Medium
3
High
1
PT-2016-7032
7.8
2016-12-23
FFmpeg · Ffmpeg · CVE-2016-6671
**Name of the Vulnerable Software and Affected Versions** FFmpeg versions prior to 3.1.2 **Description** The issue allows remote attackers to cause a denial of service or execute arbitrary code via a crafted SWF file, due to memory corruption in the raw decode function in libavcodec/rawdec.c. **Recommendations** For versions prior to 3.1.2, update to version 3.1.2 or later to resolve the issue.
PT-2016-7776
5.5
2016-12-23
FFmpeg · Ffmpeg · CVE-2016-9561
**Name of the Vulnerable Software and Affected Versions** FFmpeg versions prior to 3.2.1 **Description** The issue allows remote attackers to cause a denial of service by allocating huge memory via a crafted MOV file. This is due to a problem in the che configure function in libavcodec/aacdec template.c. **Recommendations** For versions prior to 3.2.1, update to version 3.2.1 or later to resolve the issue. As a temporary workaround, consider restricting access to crafted MOV files to minimize the risk of exploitation.
PT-2015-7799
6.5
2015-12-09
Qemu · Qemu · CVE-2015-8504
**Name of the Vulnerable Software and Affected Versions** Qemu (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service, resulting in an arithmetic exception and application crash, via crafted SetPixelFormat messages from a client. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2015-6811
6.5
2014-08-05
Qemu · Qemu · CVE-2015-5239
**Name of the Vulnerable Software and Affected Versions** QEMU versions prior to 2.1.0 **Description** The issue is related to an integer overflow in the VNC display driver of the QEMU emulator. This overflow can be triggered by a CLIENT CUT TEXT message, leading to an infinite loop and eventually causing the QEMU process to crash, resulting in a denial of service. The vulnerability is applicable to QEMU and affects Arista EOS when hosting guest virtual machines, particularly if untrusted users have access to the virtual machine. **Recommendations** For QEMU versions prior to 2.1.0, update to version 2.1.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the VNC display driver or limiting the ability of users to send CLIENT CUT TEXT messages to prevent the denial of service attack.