Phillip Langlois discovered that FFmpeg incorrectly handled
certain malformed QDM2 streams. If a user were tricked into opening
a crafted QDM2 stream file, an attacker could cause a denial of
service via application crash, or possibly execute arbitrary code
with the privileges of the user invoking the program.
(CVE-2011-4351)
Phillip Langlois discovered that FFmpeg incorrectly handled
certain malformed VP3 streams. If a user were tricked into opening
a crafted file, an attacker could cause a denial of service via
application crash, or possibly execute arbitrary code with the
privileges of the user invoking the program. (CVE-2011-4352)
Phillip Langlois discovered that FFmpeg incorrectly handled
certain malformed VP5 and VP6 streams. If a user were tricked into
opening a crafted file, an attacker could cause a denial of service
via application crash, or possibly execute arbitrary code with the
privileges of the user invoking the program. (CVE-2011-4353)
It was discovered that FFmpeg incorrectly handled certain
malformed VMD files. If a user were tricked into opening a crafted
VMD file, an attacker could cause a denial of service via
application crash, or possibly execute arbitrary code with the
privileges of the user invoking the program. (CVE-2011-4364)
Phillip Langlois discovered that FFmpeg incorrectly handled
certain malformed SVQ1 streams. If a user were tricked into opening
a crafted SVQ1 stream file, an attacker could cause a denial of
service via application crash, or possibly execute arbitrary code
with the privileges of the user invoking the program.
(CVE-2011-4579)