DSA-2336-1 ffmpeg -- several issues| ID: oval:org.secpod.oval:def:600640 | Date: (C)2012-01-30 (M)2023-11-09 |
| Class: PATCH | Family: unix |
Multiple vulnerabilities were found in the ffmpeg, a multimedia player, server and encoder: CVE-2011-3362 An integer signedness error in decode_residual_block function of the Chinese AVS video decoder in libavcodec can lead to denial of service or possible code execution via a crafted CAVS file. CVE-2011-3973/CVE-2011-3974 Multiple errors in the Chinese AVS video decoder can lead to denial of service via an invalid bitstream. CVE-2011-3504 A memory allocation problem in the Matroska format decoder can lead to code execution via a crafted file.
