Vulnerabilites related to ffmpeg - libavcodec
Vulnerability from fkie_nvd
Published
2011-07-07 21:55
Modified
2024-11-21 01:27
Severity ?
Summary
sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62B371E4-1DC2-421C-97C3-0C7D63634431",
"versionEndIncluding": "0.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2649A80-4739-4BBB-AB0B-99AD435BE7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4A2E77D-B826-4B49-ADC8-7F704E149A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "18157837-4550-45E3-A12E-AE06E047E253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F42611-C3E2-416B-9AE7-A5AE83E4DEF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3A20789F-26E3-4871-B24E-25E922BADDF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "67C6C243-3ACC-49C3-80CA-D7CA8FEFF0D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE6D368-0BA6-4499-B7E1-EE16C03012E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26C0F6EF-0452-4AFE-AF3E-B88F963A0938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5B4DD372-4D3B-445C-8C38-E083A3C0D4A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "733C03D7-2780-4D69-A98D-BCFB91D1119A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0AEE1977-E9E0-4BFF-B33B-B083E49E51F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E6979C17-0BC6-47D1-9B73-254D84306A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "204C7C05-3441-4DB0-8702-D99C8FCB381E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:pre1:*:*:*:*:*:*",
"matchCriteriaId": "2E1A7011-B992-4E35-B306-45772DACB23C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8D486C17-FC4A-4AEE-A430-1B1FBCC2C27C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "632BC7C2-FE59-47B0-885C-0EB8C74DF041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1AE0BF-A6FD-4EBA-BF61-07AC81EA560D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8FA106-FE65-4BB0-92A7-E8A5AF978A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "514669DA-8D02-44CE-BE18-8783F69AE394",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "37FBB817-A186-4517-9DA7-B3638576AAE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "157ABA40-6101-4E9C-A24C-84F8E23D374D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:libavcodec:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DA07753-777E-469D-BBBA-E300C8FDE9D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:libav:libav:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B022E537-0A57-4F9A-941E-DA10CFF0FC0B",
"versionEndIncluding": "0.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FB86B78D-837D-481F-A6E8-F48501E08D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5056E88C-1F9D-4138-A291-D28CB6766D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "76D7B815-46FE-4EB6-A922-5B174B74F4D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5ECC4210-D6A3-4ECC-A042-2107FD655A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "71EE1D87-553D-4EA6-BFA7-58CBA7819A01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CDE9C28-FCF7-4CF8-A657-780F18769980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E1607C08-0CAD-4148-9F0E-74E53D364156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B957D8F4-F012-4FF5-87B5-3D31936004DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4B9344E3-FBB0-4777-889A-D40438C3C560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4D53D47A-8946-4EB3-8A2B-4A87E0AADD11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4F28C3ED-FE8A-4404-9CD7-9119373C6EC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B473F20B-FE7F-4AB4-86AB-BE50E68A1E55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C5E0C3E3-7935-4569-B086-9C1CA048EE68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "78EBAC6A-AAD3-4F7F-8500-C98EB2BD4468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.4.9:pre1:*:*:*:*:*:*",
"matchCriteriaId": "38A1F1CF-56FD-46C4-AABA-AA72648D7863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F27FF9C0-652E-42E8-90D0-B9B369DD6C8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CECEC54E-7014-447C-9174-8C2B026FF0B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD1BB7A-D6FF-4B80-9DA6-36D081FB41CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libav:libav:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "530C27CC-3250-4C94-8D88-F423FFD0BD4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "790E5A3C-CDBA-46B9-8C77-3C3905BC0760",
"versionEndIncluding": "1.1.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.1.99b:*:*:*:*:*:*:*",
"matchCriteriaId": "10A23C59-433E-467A-9FDD-7D18CC1AC0AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.1.99e:*:*:*:*:*:*:*",
"matchCriteriaId": "35E2E373-13F6-405D-8866-ECADE118C2F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.1.99f:*:*:*:*:*:*:*",
"matchCriteriaId": "7B9447EA-6F39-4B10-A0E1-C094CF3E1BB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.1.99g:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D2A6B8-B75C-42B5-962F-28DB013D65E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.1.99h:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA4C098-F2B1-496E-B872-90774C7D105C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.1.99i:*:*:*:*:*:*:*",
"matchCriteriaId": "E9C2006D-FA5A-4002-B81B-54FC35B46DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AC8DE917-7328-4D01-9736-0567963F4D17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.60:*:*:*:*:*:*:*",
"matchCriteriaId": "8197F279-8411-4E9A-9840-BCC625D636C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.61:*:*:*:*:*:*:*",
"matchCriteriaId": "3F7AF897-3B0C-4CA0-86C7-93C9AA26CD0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.62:*:*:*:*:*:*:*",
"matchCriteriaId": "A7B2C78E-8399-404C-97E5-CDAB93587757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.63:*:*:*:*:*:*:*",
"matchCriteriaId": "D1D6BE69-725A-4CE1-BD42-D3FA10126BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.70:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC1414B-3733-4B29-AC06-E6788E29C7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.71:*:*:*:*:*:*:*",
"matchCriteriaId": "DBDEEC2D-8ACD-4C6B-944A-F0952498E511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3DC59E17-D647-4F91-B9B7-D9949921DFC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.73:*:*:*:*:*:*:*",
"matchCriteriaId": "BDC4F928-FD5D-4C11-BF39-B068A5630DF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.80:*:*:*:*:*:*:*",
"matchCriteriaId": "398EC30A-ABC6-4474-9516-63769F71E8A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.81:*:*:*:*:*:*:*",
"matchCriteriaId": "86EB8260-DCAA-4261-BFF7-8FE3628CE13E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.82:*:*:*:*:*:*:*",
"matchCriteriaId": "F37BDFCB-3171-44A6-8F0A-0FCCCA876801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.83:*:*:*:*:*:*:*",
"matchCriteriaId": "7A26CC61-7D20-4F99-A774-C5FF4AD1F249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.90:*:*:*:*:*:*:*",
"matchCriteriaId": "069BA9C0-7B3F-4B6D-B433-2D618F826438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.91:*:*:*:*:*:*:*",
"matchCriteriaId": "0B04A969-0645-41D4-AEA4-9AC47725F593",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.2.92:*:*:*:*:*:*:*",
"matchCriteriaId": "984C1ABC-B155-417A-AA0E-78B13A263650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3913F6C0-22E2-4FFC-AFF6-417F286C36F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "205B275E-1E9E-4558-BD8B-1B3E3B349886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA909414-DA30-4DAD-A342-3588B0840251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "028CDDD1-BFB7-438F-811D-7549713F45E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97B959F2-501C-4365-88CD-8231BF36297E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F5C7D12-3521-4398-AB5C-CBFB6A500DEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DEFD6C6D-05FC-437E-92B7-848C9112FD42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C45418-8946-4DFE-8D78-CBE3432600BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3C5F3996-3AE2-4690-84A5-F258BC07596E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12602EC1-07DE-4A40-9897-E7E6A23D4B42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6726FF43-2330-444C-86F0-FB774F8470C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "90D485D0-BBF8-4A0F-91A1-52835EF876A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DC23A94C-3611-41BA-9043-22C477B8020B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "01118457-9068-48F7-B2A4-BABB354E1449",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB851F73-D444-4316-9AA0-4556068ADED2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6221A983-B4AC-4646-A939-FAA021EE7F20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1707178-C378-4098-8C97-CBFB5DD8B4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "46904EED-974A-4900-B676-DE298CB3ADE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4384C436-12AF-4051-B074-893BE6B4C7F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EC2CEE6-A2E1-437A-947F-608EB7987758",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C30A98A2-675A-4913-A425-2B9F8F06CEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C6A360E5-501E-4A97-94A0-620FC5B2627A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D2845107-7D0C-4F72-AF0C-0E059E923826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "18B68706-5A1F-479F-8A38-F93D98481F9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B3B32073-DBD5-4344-8498-A132B99807A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5330E5C4-BF18-498A-9AE2-1C57E2494AAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "86D31A16-94EE-45D6-8C54-4F27D466A29E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "117C896C-1C61-440E-B0F4-A871828CD095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "53C17E1A-2E3A-4765-92DE-55CFEE5E4CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.9.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "A218DA63-4334-4C9F-BB47-44CC00630613",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3CD809FD-E893-4921-83CE-D34008670F8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8F60ACBF-E7C6-4184-9B91-8ED3840A7BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D1925D17-564A-4D8C-87FB-D3C731FA0612",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "70BD6170-AD0D-4E95-8998-8B5CE8F0E3AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9B06DCD7-56C5-4B25-936E-07D766109FB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "29AD31C5-B119-44EF-8627-2C480860BAD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "692C36B2-2A55-44EA-B80E-D7EDE384BA7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CEAD1ED9-4FA1-47D9-87A0-9D6B4C6771DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E2A762-C13C-4BDD-AD86-7A52609D693D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0042DAC1-A91B-40A6-A379-9C345CF13E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8D13741F-8A82-44F6-8D73-98451A180529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E52C6189-71F1-4A3A-BC08-94087AE1FCE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "591C6696-07C0-463A-B986-AD4FA6985AC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8342E310-43DE-46C0-85D9-E1D1F9F554E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FAFBBE61-2E34-4CD2-96D2-89A85E66C9AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E74E71F3-984E-4CF3-900A-F80E7103D3C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B8596527-4778-4CCD-ABBB-90CA434D91E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6DF8ED57-EE37-4B1D-B094-B3CA22E45127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E42A1C4B-91EE-417B-A254-9D0E93FCF3B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file."
},
{
"lang": "es",
"value": "sp5xdec.c en el decodificador Sunplus SP5X JPEG en libavcodec en FFmpeg antes de v0.6.3 y libav hasta v0.6.2, tal y como se utiliza en VideoLAN VLC media player v1.1.9 y versiones anteriores y otros productos, realiza una operaci\u00f3n de escritura fuera de los l\u00edmites permitidos de un array no especificado, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (por corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo AMV mal formado."
}
],
"id": "CVE-2011-1931",
"lastModified": "2024-11-21T01:27:20.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-07-07T21:55:02.087",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624339"
},
{
"source": "secalert@redhat.com",
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=89f903b3d5ec38c9c5d90fba7e626fa0eda61a32"
},
{
"source": "secalert@redhat.com",
"url": "http://securityreason.com/securityalert/8299"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/517706"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/47602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624339"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=89f903b3d5ec38c9c5d90fba7e626fa0eda61a32"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/517706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/47602"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-09-30 15:00
Modified
2024-11-21 01:18
Severity ?
Summary
flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ffmpeg:libavcodec:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DA07753-777E-469D-BBBA-E300C8FDE9D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1758B705-D44F-4A21-B367-5ECBED78ABF3",
"versionEndIncluding": "0.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2649A80-4739-4BBB-AB0B-99AD435BE7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4A2E77D-B826-4B49-ADC8-7F704E149A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "18157837-4550-45E3-A12E-AE06E047E253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F42611-C3E2-416B-9AE7-A5AE83E4DEF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3A20789F-26E3-4871-B24E-25E922BADDF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "67C6C243-3ACC-49C3-80CA-D7CA8FEFF0D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE6D368-0BA6-4499-B7E1-EE16C03012E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26C0F6EF-0452-4AFE-AF3E-B88F963A0938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5B4DD372-4D3B-445C-8C38-E083A3C0D4A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "733C03D7-2780-4D69-A98D-BCFB91D1119A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0AEE1977-E9E0-4BFF-B33B-B083E49E51F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E6979C17-0BC6-47D1-9B73-254D84306A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "204C7C05-3441-4DB0-8702-D99C8FCB381E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:pre1:*:*:*:*:*:*",
"matchCriteriaId": "2E1A7011-B992-4E35-B306-45772DACB23C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8D486C17-FC4A-4AEE-A430-1B1FBCC2C27C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ffmpeg:libavcodec:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DA07753-777E-469D-BBBA-E300C8FDE9D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:*:rc3:*:*:*:*:*:*",
"matchCriteriaId": "8808A0CB-CE9B-4045-BB0B-8A53A07BE821",
"versionEndIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "6B663B7B-0C85-40C3-A84C-00B7CEC92C1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5B44542F-37E2-42C5-BB6B-43C27E0CE615",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.05:*:*:*:*:*:*:*",
"matchCriteriaId": "2B565EDB-8D94-41E2-A00E-E0BB7E89BC80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.06:*:*:*:*:*:*:*",
"matchCriteriaId": "77F045FF-8868-44F7-AE51-7593C6149E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.07:*:*:*:*:*:*:*",
"matchCriteriaId": "24915C5E-0A30-4B79-B42F-7598F28AC525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.08:*:*:*:*:*:*:*",
"matchCriteriaId": "B078BBAB-0278-41A2-96AD-115FBCA964CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "AF1D95B7-05AB-49E7-888F-D4C892988B23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.09:pre3:*:*:*:*:*:*",
"matchCriteriaId": "E1975825-BD56-48AB-BE16-56716514BA85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6216C47D-3676-4024-A96A-7D5E5054BDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.10:pre1:*:*:*:*:*:*",
"matchCriteriaId": "ABB9386A-DBC1-4CED-8CB9-E08BEC92BB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.10:pre2:*:*:*:*:*:*",
"matchCriteriaId": "4940524A-F87C-46A6-A909-96C7EACB2617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.10:pre3:*:*:*:*:*:*",
"matchCriteriaId": "83E25D7C-8910-46E7-8794-37DD945D81FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.10:pre4:*:*:*:*:*:*",
"matchCriteriaId": "0E106220-81FF-48B7-A1A0-27FD2CED1751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.10:pre5:*:*:*:*:*:*",
"matchCriteriaId": "D313F762-0A34-45E4-BE25-2821585B4118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.10:pre6:*:*:*:*:*:*",
"matchCriteriaId": "9D04E492-DACF-442A-876C-B4B52DB12DD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.10:pre7:*:*:*:*:*:*",
"matchCriteriaId": "B30E4A46-AEF5-41AB-A849-AEB1CA30BD1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre10:*:*:*:*:*:*",
"matchCriteriaId": "605C92B3-7A73-41FC-9612-7E67DE9A9BB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre11:*:*:*:*:*:*",
"matchCriteriaId": "91F3EA64-57B5-4601-8FEB-04273A381C13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre12:*:*:*:*:*:*",
"matchCriteriaId": "94308472-68CE-40EA-9FC8-548E9A6833D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre13:*:*:*:*:*:*",
"matchCriteriaId": "00562E3C-5C2C-4A99-9671-04204285A39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre14:*:*:*:*:*:*",
"matchCriteriaId": "EDB371AC-874B-4388-A36A-BC71713DEF66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre15:*:*:*:*:*:*",
"matchCriteriaId": "1B316122-25EE-4A6D-A465-5D0E3BBE1E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre16:*:*:*:*:*:*",
"matchCriteriaId": "AC5F2630-C845-4931-9C0C-551FE044BAF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre17:*:*:*:*:*:*",
"matchCriteriaId": "AA2FB65D-28ED-400F-BAAC-8CA079BED222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre18:*:*:*:*:*:*",
"matchCriteriaId": "DC45B569-D46D-4F95-AD36-BD5C04AC4386",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre19:*:*:*:*:*:*",
"matchCriteriaId": "1D3E385D-E4ED-4330-8B4B-E597AE55105F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre2:*:*:*:*:*:*",
"matchCriteriaId": "F10B5AB8-A01E-46E6-89F6-13C58EA0D9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre20:*:*:*:*:*:*",
"matchCriteriaId": "E138F978-BCBD-4908-94CA-3A9566D0444E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre21:*:*:*:*:*:*",
"matchCriteriaId": "2DC919B1-F4D4-426E-A362-F4616291D148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre22:*:*:*:*:*:*",
"matchCriteriaId": "8E8B0E5D-8DAF-4ED3-B55D-2DE0F5274552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre23:*:*:*:*:*:*",
"matchCriteriaId": "143D1CED-358C-4E8D-838C-30495C36F8D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre24:*:*:*:*:*:*",
"matchCriteriaId": "61F78550-0881-4465-A91C-A06A3B0E169E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre3:*:*:*:*:*:*",
"matchCriteriaId": "B76A08BC-264D-4F82-B5A9-C53795E2FBEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre4:*:*:*:*:*:*",
"matchCriteriaId": "5BC48B46-F7FD-4746-A694-A70802D1FAC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre5:*:*:*:*:*:*",
"matchCriteriaId": "51BB189D-E845-4A7A-8FB7-E60B89833AE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre6:*:*:*:*:*:*",
"matchCriteriaId": "BFCEEE05-D6FD-4438-B3A3-DDC93F49CFB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre7:*:*:*:*:*:*",
"matchCriteriaId": "93115B4E-A11F-44A8-8928-5029C6A579D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre8:*:*:*:*:*:*",
"matchCriteriaId": "E5EECC3A-D8BB-4AF1-82D4-09C2C3DE2B54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre9:*:*:*:*:*:*",
"matchCriteriaId": "7DDAB10F-4F51-48B6-859E-93223E1FCF36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.17_idegcounter:*:*:*:*:*:*:*",
"matchCriteriaId": "DF472EEF-6A61-467F-B3EC-C70EE5610875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.17a_idegcounter:*:*:*:*:*:*:*",
"matchCriteriaId": "05621511-AF2E-4DD3-817E-B641DC3695A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.18:pre1:*:*:*:*:*:*",
"matchCriteriaId": "903F665E-D4A8-471D-8E0F-92CCE5B1A0B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.18:pre2:*:*:*:*:*:*",
"matchCriteriaId": "7F6AA65E-82B8-4C84-BE41-AF71466A7239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.18:pre3:*:*:*:*:*:*",
"matchCriteriaId": "D540CDE1-23A3-4854-85D6-9AB6B84CB9A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.18:pre4:*:*:*:*:*:*",
"matchCriteriaId": "3ED65D9B-3217-4264-A879-D057EBBBF16B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.18:pre5:*:*:*:*:*:*",
"matchCriteriaId": "6036DE90-6157-4210-BF69-0F43A1B309EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC794C4-663A-4E9F-B973-5350AF5307FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.50:pre1:*:*:*:*:*:*",
"matchCriteriaId": "A7A8D6EA-BCE2-4B5B-9224-46C4B28BDB12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.50:pre2:*:*:*:*:*:*",
"matchCriteriaId": "677BE6E9-BCDC-4367-AC05-202DB34F443A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.50:pre3:*:*:*:*:*:*",
"matchCriteriaId": "740990B1-F8E4-4EDA-B2AC-68950BFFD26E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "5D7808F0-6E3F-438F-9C06-2446AF35B8DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.60:pre1:*:*:*:*:*:*",
"matchCriteriaId": "96AB25B7-55C8-4B5B-A5D2-7314D390FF22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.60:pre2:*:*:*:*:*:*",
"matchCriteriaId": "BED5EF17-886B-4F1E-962F-139E42ABCAAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "A8F69A0F-7C9B-4F53-8181-230630B439C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:pre1:*:*:*:*:*:*",
"matchCriteriaId": "EE98BF2D-B977-4A30-BB2E-E7A11E5EB871",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:pre10:*:*:*:*:*:*",
"matchCriteriaId": "252D53C2-287E-4498-B62C-F2C64281FAFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:pre2:*:*:*:*:*:*",
"matchCriteriaId": "D5AC7E02-8A78-4A9E-B03C-F16A4F8F64DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:pre3:*:*:*:*:*:*",
"matchCriteriaId": "69B0EC34-8335-4F9E-8E99-681BE313495B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:pre4:*:*:*:*:*:*",
"matchCriteriaId": "54E4673B-605D-4D41-BD95-BC78C2C33DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:pre5:*:*:*:*:*:*",
"matchCriteriaId": "4B4334BC-5B70-475E-97DA-05E8480A6C2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:pre6:*:*:*:*:*:*",
"matchCriteriaId": "5C93DE81-2229-4EB0-A952-D2214BFBD33F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:pre7:*:*:*:*:*:*",
"matchCriteriaId": "0111433E-3F62-4EBA-8B2F-EC0AEE5D8EF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:pre8:*:*:*:*:*:*",
"matchCriteriaId": "7A4C7D9E-6B52-40CC-873C-E66232409F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:pre9:*:*:*:*:*:*",
"matchCriteriaId": "2E4F839F-5FD9-4C57-96EB-58B031FC8902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:rc1:*:*:*:*:*:*",
"matchCriteriaId": "26681756-DF2A-48EA-955F-E6A4F3856EAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:rc2:*:*:*:*:*:*",
"matchCriteriaId": "053C5EE6-E2CF-4E77-861F-D1DA004FBD34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D3CBEA9C-325D-4D5B-BE80-B19E295AEE7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:rc3-pre1:*:*:*:*:*:*",
"matchCriteriaId": "DB35FFDD-5924-4580-8B37-E4F9D45BA5E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:rc3-pre2:*:*:*:*:*:*",
"matchCriteriaId": "EE6C14FF-61D5-4384-80C7-A4068BA0EFF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:rc3-pre3:*:*:*:*:*:*",
"matchCriteriaId": "9BB7DA2B-60BE-4798-92A8-B0D380AA9DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:rc4:*:*:*:*:*:*",
"matchCriteriaId": "FFF13917-3DA6-4FE7-8C6C-0F6D276A182D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:rc5:*:*:*:*:*:*",
"matchCriteriaId": "809B9FF1-BF82-4815-A96A-E814739AE69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "901C49FD-4D03-46C4-BE17-80BBB580ECD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "A03920C7-82A4-461C-9C77-5312A5CB7A2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.92.1:*:*:*:*:*:*:*",
"matchCriteriaId": "95F5C399-48B2-42C3-9255-7EB15D920943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "AA645501-C83F-4F49-9AC1-8076040D9884",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre1:*:*:*:*:*:*",
"matchCriteriaId": "D1A24118-B42E-4798-94D4-F3735C1A0D24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre2:*:*:*:*:*:*",
"matchCriteriaId": "0E42DC8E-63D3-4E42-BF4E-DB3F03095FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre3:*:*:*:*:*:*",
"matchCriteriaId": "39268FD5-FA56-4B19-8538-52397893B655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre3try2:*:*:*:*:*:*",
"matchCriteriaId": "12EDC636-BBB0-4190-B196-EE30F7C1F145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre4:*:*:*:*:*:*",
"matchCriteriaId": "39BBF9C4-5FA4-4C59-8962-18596017E7FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre5:*:*:*:*:*:*",
"matchCriteriaId": "D1A605A8-E4ED-4B97-AD3C-5D4E14CA1EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre5try2:*:*:*:*:*:*",
"matchCriteriaId": "38C3BDF2-E330-4DCB-B6CD-245B6449368D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre6:*:*:*:*:*:*",
"matchCriteriaId": "568713C9-C639-4019-8745-90D03258CBDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre6a:*:*:*:*:*:*",
"matchCriteriaId": "2EA50F69-4528-4377-8C54-8A0242A451C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre7:*:*:*:*:*:*",
"matchCriteriaId": "C9E7F2A7-50D4-40A3-9410-65C74108F62C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre7try2:*:*:*:*:*:*",
"matchCriteriaId": "82990507-5892-471C-8B17-0EE92B0178D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre8:*:*:*:*:*:*",
"matchCriteriaId": "8F63040B-8ABF-4A7D-B6EE-F2A1E941A18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "39B39CDD-FA9A-44A3-A760-DE992B8C7C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "D55429CA-FEA4-4C82-8A8D-98DF43D33EA1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an \"arbitrary offset dereference vulnerability.\""
},
{
"lang": "es",
"value": "flicvideo.c en libavcodec 0.6 y versiones anteriores en FFmpeg, tal como es usado en MPlayer y otros productos, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero flic manipulado, relacionado con una \"arbitrary offset dereference vulnerability.\""
}
],
"id": "CVE-2010-3429",
"lastModified": "2024-11-21T01:18:43.197",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-09-30T15:00:03.457",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.ffmpeg.org/?p=ffmpeg%3Ba=commit%3Bh=16c592155f117ccd7b86006c45aacc692a81c23b"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41626"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/43323"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2011/dsa-2165"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:112"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:114"
},
{
"source": "cve@mitre.org",
"url": "http://www.ocert.org/advisories/ocert-2010-004.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2010/09/28/4"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/514009/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-1104-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2517"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2518"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2011/1241"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=635775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.ffmpeg.org/?p=ffmpeg%3Ba=commit%3Bh=16c592155f117ccd7b86006c45aacc692a81c23b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41626"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/43323"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ocert.org/advisories/ocert-2010-004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2010/09/28/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/514009/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-1104-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2518"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/1241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=635775"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2011-1931
Vulnerability from cvelistv5
Published
2011-07-07 21:00
Modified
2024-08-06 22:46
Severity ?
EPSS score ?
Summary
sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624339 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/archive/1/517706 | mailing-list, x_refsource_BUGTRAQ | |
| http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=89f903b3d5ec38c9c5d90fba7e626fa0eda61a32 | x_refsource_CONFIRM | |
| http://securityreason.com/securityalert/8299 | third-party-advisory, x_refsource_SREASON | |
| http://www.securityfocus.com/bid/47602 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:46:00.718Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624339"
},
{
"name": "20110427 NGS00068 Patch Notification: LibAVCodec AMV Out of Array Write",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/517706"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=89f903b3d5ec38c9c5d90fba7e626fa0eda61a32"
},
{
"name": "8299",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8299"
},
{
"name": "47602",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47602"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-04-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-22T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624339"
},
{
"name": "20110427 NGS00068 Patch Notification: LibAVCodec AMV Out of Array Write",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/517706"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=89f903b3d5ec38c9c5d90fba7e626fa0eda61a32"
},
{
"name": "8299",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8299"
},
{
"name": "47602",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47602"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1931",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624339",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624339"
},
{
"name": "20110427 NGS00068 Patch Notification: LibAVCodec AMV Out of Array Write",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/517706"
},
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=89f903b3d5ec38c9c5d90fba7e626fa0eda61a32",
"refsource": "CONFIRM",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=89f903b3d5ec38c9c5d90fba7e626fa0eda61a32"
},
{
"name": "8299",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8299"
},
{
"name": "47602",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47602"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1931",
"datePublished": "2011-07-07T21:00:00",
"dateReserved": "2011-05-09T00:00:00",
"dateUpdated": "2024-08-06T22:46:00.718Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-3429
Vulnerability from cvelistv5
Published
2010-09-30 14:00
Modified
2024-08-07 03:11
Severity ?
EPSS score ?
Summary
flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:11:44.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2011:088",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088"
},
{
"name": "[oss-security] 20100928 [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/28/4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.ffmpeg.org/?p=ffmpeg%3Ba=commit%3Bh=16c592155f117ccd7b86006c45aacc692a81c23b"
},
{
"name": "MDVSA-2011:061",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"name": "MDVSA-2011:062",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
},
{
"name": "20100928 [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/514009/100/0/threaded"
},
{
"name": "MDVSA-2011:112",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:112"
},
{
"name": "MDVSA-2011:114",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:114"
},
{
"name": "43323",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43323"
},
{
"name": "USN-1104-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-1104-1/"
},
{
"name": "ADV-2010-2518",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2518"
},
{
"name": "MDVSA-2011:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
},
{
"name": "ADV-2010-2517",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2517"
},
{
"name": "DSA-2165",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2165"
},
{
"name": "ADV-2011-1241",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/1241"
},
{
"name": "MDVSA-2011:060",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060"
},
{
"name": "41626",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41626"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=635775"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ocert.org/advisories/ocert-2010-004.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-09-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an \"arbitrary offset dereference vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDVSA-2011:088",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088"
},
{
"name": "[oss-security] 20100928 [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/28/4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.ffmpeg.org/?p=ffmpeg%3Ba=commit%3Bh=16c592155f117ccd7b86006c45aacc692a81c23b"
},
{
"name": "MDVSA-2011:061",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"name": "MDVSA-2011:062",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
},
{
"name": "20100928 [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/514009/100/0/threaded"
},
{
"name": "MDVSA-2011:112",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:112"
},
{
"name": "MDVSA-2011:114",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:114"
},
{
"name": "43323",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43323"
},
{
"name": "USN-1104-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-1104-1/"
},
{
"name": "ADV-2010-2518",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2518"
},
{
"name": "MDVSA-2011:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
},
{
"name": "ADV-2010-2517",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2517"
},
{
"name": "DSA-2165",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2165"
},
{
"name": "ADV-2011-1241",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/1241"
},
{
"name": "MDVSA-2011:060",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060"
},
{
"name": "41626",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41626"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=635775"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ocert.org/advisories/ocert-2010-004.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3429",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an \"arbitrary offset dereference vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2011:088",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088"
},
{
"name": "[oss-security] 20100928 [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/28/4"
},
{
"name": "http://git.ffmpeg.org/?p=ffmpeg;a=commit;h=16c592155f117ccd7b86006c45aacc692a81c23b",
"refsource": "CONFIRM",
"url": "http://git.ffmpeg.org/?p=ffmpeg;a=commit;h=16c592155f117ccd7b86006c45aacc692a81c23b"
},
{
"name": "MDVSA-2011:061",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"name": "MDVSA-2011:062",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
},
{
"name": "20100928 [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514009/100/0/threaded"
},
{
"name": "MDVSA-2011:112",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:112"
},
{
"name": "MDVSA-2011:114",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:114"
},
{
"name": "43323",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43323"
},
{
"name": "USN-1104-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-1104-1/"
},
{
"name": "ADV-2010-2518",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2518"
},
{
"name": "MDVSA-2011:089",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
},
{
"name": "ADV-2010-2517",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2517"
},
{
"name": "DSA-2165",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2165"
},
{
"name": "ADV-2011-1241",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/1241"
},
{
"name": "MDVSA-2011:060",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060"
},
{
"name": "41626",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41626"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=635775",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=635775"
},
{
"name": "http://www.ocert.org/advisories/ocert-2010-004.html",
"refsource": "MISC",
"url": "http://www.ocert.org/advisories/ocert-2010-004.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3429",
"datePublished": "2010-09-30T14:00:00",
"dateReserved": "2010-09-17T00:00:00",
"dateUpdated": "2024-08-07T03:11:44.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}