cvelistv5 - cve-2010-3908

cve-2010-3908

Vulnerability from cvelistv5

Published

2011-05-20 22:00

Modified

2024-08-07 03:26

Severity ?

Summary

FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file.

References

▼	URL	Tags
	security@ubuntu.com	http://ffmpeg.mplayerhq.hu/
	security@ubuntu.com	http://www.debian.org/security/2011/dsa-2306
	security@ubuntu.com	http://www.mandriva.com/security/advisories?name=MDVSA-2011:061
	security@ubuntu.com	http://www.ubuntu.com/usn/usn-1104-1/
	af854a3a-2127-422b-91ae-364da2661108	http://ffmpeg.mplayerhq.hu/
	af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2011/dsa-2306
	af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2011:061
	af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-1104-1/

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:26:12.181Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-2306",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2306"
          },
          {
            "name": "MDVSA-2011:061",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
          },
          {
            "name": "USN-1104-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-1104-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://ffmpeg.mplayerhq.hu/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-03-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-10-26T09:00:00",
        "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "shortName": "canonical"
      },
      "references": [
        {
          "name": "DSA-2306",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2306"
        },
        {
          "name": "MDVSA-2011:061",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
        },
        {
          "name": "USN-1104-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-1104-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://ffmpeg.mplayerhq.hu/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@ubuntu.com",
          "ID": "CVE-2010-3908",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-2306",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2306"
            },
            {
              "name": "MDVSA-2011:061",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
            },
            {
              "name": "USN-1104-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-1104-1/"
            },
            {
              "name": "http://ffmpeg.mplayerhq.hu/",
              "refsource": "CONFIRM",
              "url": "http://ffmpeg.mplayerhq.hu/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
    "assignerShortName": "canonical",
    "cveId": "CVE-2010-3908",
    "datePublished": "2011-05-20T22:00:00",
    "dateReserved": "2010-10-12T00:00:00",
    "dateUpdated": "2024-08-07T03:26:12.181Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"0.5.3\", \"matchCriteriaId\": \"F4DC8258-EB4F-4D4D-B4D7-2066FB9D1C59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2649A80-4739-4BBB-AB0B-99AD435BE7CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4A2E77D-B826-4B49-ADC8-7F704E149A5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"18157837-4550-45E3-A12E-AE06E047E253\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9F42611-C3E2-416B-9AE7-A5AE83E4DEF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A20789F-26E3-4871-B24E-25E922BADDF0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"67C6C243-3ACC-49C3-80CA-D7CA8FEFF0D8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6AE6D368-0BA6-4499-B7E1-EE16C03012E9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"26C0F6EF-0452-4AFE-AF3E-B88F963A0938\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B4DD372-4D3B-445C-8C38-E083A3C0D4A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"733C03D7-2780-4D69-A98D-BCFB91D1119A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0AEE1977-E9E0-4BFF-B33B-B083E49E51F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6979C17-0BC6-47D1-9B73-254D84306A96\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"204C7C05-3441-4DB0-8702-D99C8FCB381E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:pre1:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E1A7011-B992-4E35-B306-45772DACB23C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ffmpeg:ffmpeg:0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8D486C17-FC4A-4AEE-A430-1B1FBCC2C27C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ffmpeg:ffmpeg:0.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"632BC7C2-FE59-47B0-885C-0EB8C74DF041\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ffmpeg:ffmpeg:0.5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D1AE0BF-A6FD-4EBA-BF61-07AC81EA560D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mplayerhq:mplayer:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD0AD240-4093-4D11-AE22-F46A08C163D6\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file.\"}, {\"lang\": \"es\", \"value\": \"FFmpeg antes de v0.5.4, tal como se utiliza en MPlayer y otros productos, permite a atacantes remotos provocar una denegaci\\u00f3n de servicio (corrupci\\u00f3n de memoria y bloqueo de la aplicaci\\u00f3n) o posiblemente ejecutar c\\u00f3digo de su elecci\\u00f3n a trav\\u00e9s de un formato incorrecto de archivo WMV.\"}]",
      "id": "CVE-2010-3908",
      "lastModified": "2024-11-21T01:19:52.770",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2011-05-20T22:55:02.283",
      "references": "[{\"url\": \"http://ffmpeg.mplayerhq.hu/\", \"source\": \"security@ubuntu.com\"}, {\"url\": \"http://www.debian.org/security/2011/dsa-2306\", \"source\": \"security@ubuntu.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2011:061\", \"source\": \"security@ubuntu.com\"}, {\"url\": \"http://www.ubuntu.com/usn/usn-1104-1/\", \"source\": \"security@ubuntu.com\"}, {\"url\": \"http://ffmpeg.mplayerhq.hu/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2011/dsa-2306\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2011:061\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/usn-1104-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "security@ubuntu.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-3908\",\"sourceIdentifier\":\"security@ubuntu.com\",\"published\":\"2011-05-20T22:55:02.283\",\"lastModified\":\"2024-11-21T01:19:52.770\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file.\"},{\"lang\":\"es\",\"value\":\"FFmpeg antes de v0.5.4, tal como se utiliza en MPlayer y otros productos, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y bloqueo de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un formato incorrecto de archivo WMV.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.5.3\",\"matchCriteriaId\":\"F4DC8258-EB4F-4D4D-B4D7-2066FB9D1C59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2649A80-4739-4BBB-AB0B-99AD435BE7CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4A2E77D-B826-4B49-ADC8-7F704E149A5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18157837-4550-45E3-A12E-AE06E047E253\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9F42611-C3E2-416B-9AE7-A5AE83E4DEF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A20789F-26E3-4871-B24E-25E922BADDF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67C6C243-3ACC-49C3-80CA-D7CA8FEFF0D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AE6D368-0BA6-4499-B7E1-EE16C03012E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26C0F6EF-0452-4AFE-AF3E-B88F963A0938\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B4DD372-4D3B-445C-8C38-E083A3C0D4A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"733C03D7-2780-4D69-A98D-BCFB91D1119A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AEE1977-E9E0-4BFF-B33B-B083E49E51F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6979C17-0BC6-47D1-9B73-254D84306A96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"204C7C05-3441-4DB0-8702-D99C8FCB381E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:pre1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E1A7011-B992-4E35-B306-45772DACB23C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ffmpeg:ffmpeg:0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D486C17-FC4A-4AEE-A430-1B1FBCC2C27C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ffmpeg:ffmpeg:0.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"632BC7C2-FE59-47B0-885C-0EB8C74DF041\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ffmpeg:ffmpeg:0.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D1AE0BF-A6FD-4EBA-BF61-07AC81EA560D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mplayerhq:mplayer:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD0AD240-4093-4D11-AE22-F46A08C163D6\"}]}]}],\"references\":[{\"url\":\"http://ffmpeg.mplayerhq.hu/\",\"source\":\"security@ubuntu.com\"},{\"url\":\"http://www.debian.org/security/2011/dsa-2306\",\"source\":\"security@ubuntu.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:061\",\"source\":\"security@ubuntu.com\"},{\"url\":\"http://www.ubuntu.com/usn/usn-1104-1/\",\"source\":\"security@ubuntu.com\"},{\"url\":\"http://ffmpeg.mplayerhq.hu/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2011/dsa-2306\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:061\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/usn-1104-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

fkie_cve-2010-3908

Vulnerability from fkie_nvd

Published

2011-05-20 22:55

Modified

2024-11-21 01:19

Severity ?

Summary

References

▼	URL	Tags
	security@ubuntu.com	http://ffmpeg.mplayerhq.hu/
	security@ubuntu.com	http://www.debian.org/security/2011/dsa-2306
	security@ubuntu.com	http://www.mandriva.com/security/advisories?name=MDVSA-2011:061
	security@ubuntu.com	http://www.ubuntu.com/usn/usn-1104-1/
	af854a3a-2127-422b-91ae-364da2661108	http://ffmpeg.mplayerhq.hu/
	af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2011/dsa-2306
	af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2011:061
	af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-1104-1/

Impacted products

Vendor	Product	Version
ffmpeg	ffmpeg	*
ffmpeg	ffmpeg	0.3
ffmpeg	ffmpeg	0.3.1
ffmpeg	ffmpeg	0.3.2
ffmpeg	ffmpeg	0.3.3
ffmpeg	ffmpeg	0.3.4
ffmpeg	ffmpeg	0.4.0
ffmpeg	ffmpeg	0.4.2
ffmpeg	ffmpeg	0.4.3
ffmpeg	ffmpeg	0.4.4
ffmpeg	ffmpeg	0.4.5
ffmpeg	ffmpeg	0.4.6
ffmpeg	ffmpeg	0.4.7
ffmpeg	ffmpeg	0.4.8
ffmpeg	ffmpeg	0.4.9
ffmpeg	ffmpeg	0.5
ffmpeg	ffmpeg	0.5.1
ffmpeg	ffmpeg	0.5.2
mplayerhq	mplayer	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4DC8258-EB4F-4D4D-B4D7-2066FB9D1C59",
              "versionEndIncluding": "0.5.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2649A80-4739-4BBB-AB0B-99AD435BE7CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4A2E77D-B826-4B49-ADC8-7F704E149A5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "18157837-4550-45E3-A12E-AE06E047E253",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9F42611-C3E2-416B-9AE7-A5AE83E4DEF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A20789F-26E3-4871-B24E-25E922BADDF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "67C6C243-3ACC-49C3-80CA-D7CA8FEFF0D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AE6D368-0BA6-4499-B7E1-EE16C03012E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "26C0F6EF-0452-4AFE-AF3E-B88F963A0938",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B4DD372-4D3B-445C-8C38-E083A3C0D4A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "733C03D7-2780-4D69-A98D-BCFB91D1119A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AEE1977-E9E0-4BFF-B33B-B083E49E51F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6979C17-0BC6-47D1-9B73-254D84306A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "204C7C05-3441-4DB0-8702-D99C8FCB381E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "2E1A7011-B992-4E35-B306-45772DACB23C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D486C17-FC4A-4AEE-A430-1B1FBCC2C27C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "632BC7C2-FE59-47B0-885C-0EB8C74DF041",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1AE0BF-A6FD-4EBA-BF61-07AC81EA560D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mplayerhq:mplayer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD0AD240-4093-4D11-AE22-F46A08C163D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file."
    },
    {
      "lang": "es",
      "value": "FFmpeg antes de v0.5.4, tal como se utiliza en MPlayer y otros productos, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y bloqueo de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un formato incorrecto de archivo WMV."
    }
  ],
  "id": "CVE-2010-3908",
  "lastModified": "2024-11-21T01:19:52.770",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-05-20T22:55:02.283",
  "references": [
    {
      "source": "security@ubuntu.com",
      "url": "http://ffmpeg.mplayerhq.hu/"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.debian.org/security/2011/dsa-2306"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
    },
    {
      "source": "security@ubuntu.com",
      "url": "http://www.ubuntu.com/usn/usn-1104-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ffmpeg.mplayerhq.hu/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2011/dsa-2306"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-1104-1/"
    }
  ],
  "sourceIdentifier": "security@ubuntu.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-g8cw-94xh-g6r4

Vulnerability from github

Published

2022-05-17 05:37

Modified

2022-05-17 05:37

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-3908"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-05-20T22:55:00Z",
    "severity": "MODERATE"
  },
  "details": "FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file.",
  "id": "GHSA-g8cw-94xh-g6r4",
  "modified": "2022-05-17T05:37:19Z",
  "published": "2022-05-17T05:37:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3908"
    },
    {
      "type": "WEB",
      "url": "http://ffmpeg.mplayerhq.hu"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2011/dsa-2306"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-1104-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2010-3908

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2010-3908

Aliases

CVE-2010-3908

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-3908",
    "description": "FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file.",
    "id": "GSD-2010-3908",
    "references": [
      "https://www.debian.org/security/2011/dsa-2306"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-3908"
      ],
      "details": "FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file.",
      "id": "GSD-2010-3908",
      "modified": "2023-12-13T01:21:34.616151Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@ubuntu.com",
        "ID": "CVE-2010-3908",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "DSA-2306",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2011/dsa-2306"
          },
          {
            "name": "MDVSA-2011:061",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
          },
          {
            "name": "USN-1104-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/usn-1104-1/"
          },
          {
            "name": "http://ffmpeg.mplayerhq.hu/",
            "refsource": "CONFIRM",
            "url": "http://ffmpeg.mplayerhq.hu/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ffmpeg:ffmpeg:0.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "0.5.3",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:pre1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:mplayerhq:mplayer:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@ubuntu.com",
          "ID": "CVE-2010-3908"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MDVSA-2011:061",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
            },
            {
              "name": "http://ffmpeg.mplayerhq.hu/",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://ffmpeg.mplayerhq.hu/"
            },
            {
              "name": "USN-1104-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/usn-1104-1/"
            },
            {
              "name": "DSA-2306",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2011/dsa-2306"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2011-10-26T02:53Z",
      "publishedDate": "2011-05-20T22:55Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2010-3908

Vulnerability from cvelistv5

fkie_cve-2010-3908

Vulnerability from fkie_nvd

ghsa-g8cw-94xh-g6r4

Vulnerability from github

gsd-2010-3908

Vulnerability from gsd

Tags

Sightings

Nomenclature