Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3951

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2011-3951
Last Modified 21 Aug 2012 12:00:00
Published 20 Aug 2012 02:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-3951

Summary

The dpcm_decode_frame function in dpcm.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted stereo stream in a media file.

Vulnerable Systems

Application

  • Ffmpeg 0.7.1

  • Ffmpeg 0.7.11

  • Ffmpeg 0.7.12

  • Ffmpeg 0.7.2

  • Ffmpeg 0.7.7

  • Ffmpeg 0.7.8

  • Ffmpeg 0.7.9

  • Ffmpeg 0.8.10

  • Ffmpeg 0.8.11

  • Ffmpeg 0.8.5

  • Ffmpeg 0.8.6

  • Ffmpeg 0.8.7

  • Ffmpeg 0.8.8

  • Ffmpeg 0.9

  • Ffmpeg 0.9.1

  • Libav 0.5

  • Libav 0.5.1

  • Libav 0.5.2

  • Libav 0.5.3

  • Libav 0.5.4

  • Libav 0.5.5

  • Libav 0.5.6

  • Libav 0.5.7

  • Libav 0.6

  • Libav 0.6.1

  • Libav 0.6.2

  • Libav 0.6.3

  • Libav 0.6.4

  • Libav 0.6.5

  • Libav 0.7

  • Libav 0.7.1

  • Libav 0.7.2

  • Libav 0.7.3

  • Libav 0.7.4

  • Libav 0.8


References

UBUNTU - USN-1479-1

DEBIAN - DSA-2494

CONFIRM - http://libav.org/

CONFIRM - http://git.libav.org/?p=libav.git;a=commit;h=ce7aee9b733134649a6ce2fa743e51733f33e67e

CONFIRM - http://ffmpeg.org/


Last Updated: 27 May 2016 10:49:40