[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2011-3936Date: (C)2012-08-20   (M)2023-12-22


The dv_extract_audio function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted DV file.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
-49089
DSA-2471
USN-1479-1
http://ffmpeg.org/
http://git.libav.org/?p=libav.git%3Ba=commit%3Bh=635bcfccd439480003b74a665b5aa7c872c1ad6b
http://git.libav.org/?p=libav.git%3Ba=commitdiff%3Bh=2d1c0dea5f6b91bec7f5fa53ec050913d851e366
http://libav.org/

CPE    41
cpe:/a:libav:libav:0.7:beta1
cpe:/a:libav:libav:0.7:beta2
cpe:/a:ffmpeg:ffmpeg:0.8.10
cpe:/a:libav:libav:0.6.2
...
CWE    1
CWE-20
OVAL    4
oval:org.secpod.oval:def:700904
oval:org.secpod.oval:def:700902
oval:org.secpod.oval:def:302818
oval:org.secpod.oval:def:600804
...

© SecPod Technologies