Lianyihan

Researcher fromQihoo 360 Gear Team
#16243of 53,632
16.5Total CVSS
Vulnerabilities · 3
Medium
3
PT-2016-7513
5.5
2016-12-23
FFmpeg · Ffmpeg · CVE-2016-8595
**Name of the Vulnerable Software and Affected Versions** FFmpeg versions prior to 3.1.5 **Description** The issue allows remote attackers to cause a denial of service via a crafted AVI file, specifically through the `gsm parse` function in `libavcodec/gsm parser.c`. **Recommendations** For versions prior to 3.1.5, update to version 3.1.5 or later to resolve the issue.
PT-2016-7394
5.5
2016-10-18
FFmpeg · Ffmpeg · CVE-2016-7785
**Name of the Vulnerable Software and Affected Versions** FFmpeg versions prior to 3.1.4 **Description** The issue allows remote attackers to cause a denial of service via a crafted AVI file, specifically through the avi read seek function in libavformat/avidec.c. **Recommendations** For versions prior to 3.1.4, update to version 3.1.4 or later to resolve the issue.
PT-2016-7421
5.5
2016-10-18
FFmpeg · Ffmpeg · CVE-2016-7905
**Name of the Vulnerable Software and Affected Versions** FFmpeg versions prior to 3.1.4 **Description** The issue allows remote attackers to cause a denial of service by utilizing a crafted AVI file, which results in a NULL pointer being used. This is due to a problem in the read gab2 sub function located in libavformat/avidec.c. **Recommendations** For versions prior to 3.1.4, update to version 3.1.4 or later to resolve the issue.