Lucene search
HistoryJul 07, 2011 - 9:55 p.m.
CVE-2011-1931
cve-2011-1931
sunplus sp5x
jpeg decoder
ffmpeg
libavcodec
videolan vlc
nvd
vulnerability
denial of service
memory corruption
arbitrary code
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
9.7 High
AI Score
Confidence
High
0.02 Low
EPSS
Percentile
88.9%
sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file.
Affected configurations
Node
ffmpegffmpegRange≤0.6.2
ORffmpegffmpegMatch0.3
ORffmpegffmpegMatch0.3.1
ORffmpegffmpegMatch0.3.2
ORffmpegffmpegMatch0.3.3
ORffmpegffmpegMatch0.3.4
ORffmpegffmpegMatch0.4.0
ORffmpegffmpegMatch0.4.2
ORffmpegffmpegMatch0.4.3
ORffmpegffmpegMatch0.4.4
ORffmpegffmpegMatch0.4.5
ORffmpegffmpegMatch0.4.6
ORffmpegffmpegMatch0.4.7
ORffmpegffmpegMatch0.4.8
ORffmpegffmpegMatch0.4.9pre1
ORffmpegffmpegMatch0.5
ORffmpegffmpegMatch0.5.1
ORffmpegffmpegMatch0.5.2
ORffmpegffmpegMatch0.5.3
ORffmpegffmpegMatch0.5.4
ORffmpegffmpegMatch0.6
ORffmpegffmpegMatch0.6.1
ORffmpeglibavcodec
ORlibavlibavRange≤0.6.2
ORlibavlibavMatch0.3
ORlibavlibavMatch0.3.1
ORlibavlibavMatch0.3.2
ORlibavlibavMatch0.3.3
ORlibavlibavMatch0.3.4
ORlibavlibavMatch0.4.0
ORlibavlibavMatch0.4.1
ORlibavlibavMatch0.4.2
ORlibavlibavMatch0.4.3
ORlibavlibavMatch0.4.4
ORlibavlibavMatch0.4.5
ORlibavlibavMatch0.4.6
ORlibavlibavMatch0.4.7
ORlibavlibavMatch0.4.8
ORlibavlibavMatch0.4.9pre1
ORlibavlibavMatch0.5
ORlibavlibavMatch0.5.4
ORlibavlibavMatch0.6
ORlibavlibavMatch0.6.1
videolanvlc_media_playerRange≤1.1.9
ORvideolanvlc_media_playerMatch0.1.99b
ORvideolanvlc_media_playerMatch0.1.99e
ORvideolanvlc_media_playerMatch0.1.99f
ORvideolanvlc_media_playerMatch0.1.99g
ORvideolanvlc_media_playerMatch0.1.99h
ORvideolanvlc_media_playerMatch0.1.99i
ORvideolanvlc_media_playerMatch0.2.0
ORvideolanvlc_media_playerMatch0.2.60
ORvideolanvlc_media_playerMatch0.2.61
ORvideolanvlc_media_playerMatch0.2.62
ORvideolanvlc_media_playerMatch0.2.63
ORvideolanvlc_media_playerMatch0.2.70
ORvideolanvlc_media_playerMatch0.2.71
ORvideolanvlc_media_playerMatch0.2.72
ORvideolanvlc_media_playerMatch0.2.73
ORvideolanvlc_media_playerMatch0.2.80
ORvideolanvlc_media_playerMatch0.2.81
ORvideolanvlc_media_playerMatch0.2.82
ORvideolanvlc_media_playerMatch0.2.83
ORvideolanvlc_media_playerMatch0.2.90
ORvideolanvlc_media_playerMatch0.2.91
ORvideolanvlc_media_playerMatch0.2.92
ORvideolanvlc_media_playerMatch0.3.0
ORvideolanvlc_media_playerMatch0.3.1
ORvideolanvlc_media_playerMatch0.4.0
ORvideolanvlc_media_playerMatch0.4.1
ORvideolanvlc_media_playerMatch0.4.2
ORvideolanvlc_media_playerMatch0.4.3
ORvideolanvlc_media_playerMatch0.4.4
ORvideolanvlc_media_playerMatch0.4.5
ORvideolanvlc_media_playerMatch0.4.6
ORvideolanvlc_media_playerMatch0.5.0
ORvideolanvlc_media_playerMatch0.5.1
ORvideolanvlc_media_playerMatch0.5.2
ORvideolanvlc_media_playerMatch0.5.3
ORvideolanvlc_media_playerMatch0.6.0
ORvideolanvlc_media_playerMatch0.6.1
ORvideolanvlc_media_playerMatch0.6.2
ORvideolanvlc_media_playerMatch0.7.0
ORvideolanvlc_media_playerMatch0.7.2
ORvideolanvlc_media_playerMatch0.8.0
ORvideolanvlc_media_playerMatch0.8.1
ORvideolanvlc_media_playerMatch0.8.2
ORvideolanvlc_media_playerMatch0.8.4
ORvideolanvlc_media_playerMatch0.8.5
ORvideolanvlc_media_playerMatch0.8.6
ORvideolanvlc_media_playerMatch0.9.2
ORvideolanvlc_media_playerMatch0.9.3
ORvideolanvlc_media_playerMatch0.9.4
ORvideolanvlc_media_playerMatch0.9.5
ORvideolanvlc_media_playerMatch0.9.6
ORvideolanvlc_media_playerMatch0.9.8a
ORvideolanvlc_media_playerMatch0.9.9
ORvideolanvlc_media_playerMatch0.9.10
ORvideolanvlc_media_playerMatch1.0.0
ORvideolanvlc_media_playerMatch1.0.1
ORvideolanvlc_media_playerMatch1.0.2
ORvideolanvlc_media_playerMatch1.0.3
ORvideolanvlc_media_playerMatch1.0.4
ORvideolanvlc_media_playerMatch1.0.5
ORvideolanvlc_media_playerMatch1.0.6
ORvideolanvlc_media_playerMatch1.1.0
ORvideolanvlc_media_playerMatch1.1.1
ORvideolanvlc_media_playerMatch1.1.2
ORvideolanvlc_media_playerMatch1.1.3
ORvideolanvlc_media_playerMatch1.1.4
ORvideolanvlc_media_playerMatch1.1.4.1
ORvideolanvlc_media_playerMatch1.1.5
ORvideolanvlc_media_playerMatch1.1.6
ORvideolanvlc_media_playerMatch1.1.7
ORvideolanvlc_media_playerMatch1.1.8
Related
openvas
openvas
VLC Media Player 'AMV' Denial of Service Vulnerability (Linux)
2011-07-14 00:00:00
VLC Media Player 'AMV' Denial of Service Vulnerability (Windows)
2011-07-14 00:00:00
VLC Media Player 'AMV' Denial of Service Vulnerability - Windows
2011-07-14 00:00:00
debiancve
debiancve
CVE-2011-1931
2011-07-07 21:55:02
securityvulns
securityvulns
LibAVCodec / FFMpeg / VLC index array overflow
2011-08-03 00:00:00
NGS00068 Technical Advisory - LibAVCodec AMV Out of Array Write
2011-08-03 00:00:00
cvelist
cvelist
CVE-2011-1931
2011-07-07 21:00:00
prion
prion
Out-of-bounds
2011-07-07 21:55:00
ubuntucve
ubuntucve
CVE-2011-1931
2011-07-07 00:00:00
nvd
nvd
CVE-2011-1931
2011-07-07 21:55:02
nessus
nessus
VLC < 1.1.10 Multiple Vulnerabilities
2011-06-09 00:00:00
Ubuntu 11.04 : libav vulnerabilities (USN-1209-2)
2011-09-20 00:00:00
Ubuntu 10.04 LTS / 10.10 : ffmpeg vulnerabilities (USN-1209-1)
2011-09-20 00:00:00
ubuntu
ubuntu
Libav vulnerabilities
2011-09-19 00:00:00
FFmpeg vulnerabilities
2011-09-19 00:00:00
gentoo
gentoo
FFmpeg: Multiple vulnerabilities
2013-10-25 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
9.7 High
AI Score
Confidence
High
0.02 Low
EPSS
Percentile
88.9%
Related for CVE-2011-1931