Lucene search

[email protected]CVE-2011-3362

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2011-3362

2022-10-0316:15:08

CWE-189

[email protected]

web.nvd.nist.gov

cve

2011

3362

integer signedness error

decode_residual_block

cavsdec.c

libavcodec

ffmpeg

denial of service

memory corruption

application crash

execute arbitrary code

chinese avs video

cavs

9.6 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

87.1%

JSON

Integer signedness error in the decode_residual_block function in cavsdec.c in libavcodec in FFmpeg before 0.7.3 and 0.8.x before 0.8.2, and libav through 0.7.1, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Chinese AVS video (aka CAVS) file.

Affected configurations

NVD

Node

ffmpegffmpegRange≤0.7.2

ffmpegffmpegMatch0.3

ffmpegffmpegMatch0.3.1

ffmpegffmpegMatch0.3.2

ffmpegffmpegMatch0.3.3

ffmpegffmpegMatch0.3.4

ffmpegffmpegMatch0.4.0

ffmpegffmpegMatch0.4.2

ffmpegffmpegMatch0.4.3

ffmpegffmpegMatch0.4.4

ffmpegffmpegMatch0.4.5

ffmpegffmpegMatch0.4.6

ffmpegffmpegMatch0.4.7

ffmpegffmpegMatch0.4.8

ffmpegffmpegMatch0.4.9pre1

ffmpegffmpegMatch0.5

ffmpegffmpegMatch0.5.1

ffmpegffmpegMatch0.5.2

ffmpegffmpegMatch0.5.3

ffmpegffmpegMatch0.5.4

ffmpegffmpegMatch0.6

ffmpegffmpegMatch0.6.1

ffmpegffmpegMatch0.6.2

ffmpegffmpegMatch0.7.1

Node

ffmpegffmpegMatch0.8.0

ffmpegffmpegMatch0.8.1

Node

libavlibavRange≤0.7.1

libavlibavMatch0.3

libavlibavMatch0.3.1

libavlibavMatch0.3.2

libavlibavMatch0.3.3

libavlibavMatch0.3.4

libavlibavMatch0.4.0

libavlibavMatch0.4.1

libavlibavMatch0.4.2

libavlibavMatch0.4.3

libavlibavMatch0.4.4

libavlibavMatch0.4.5

libavlibavMatch0.4.6

libavlibavMatch0.4.7

libavlibavMatch0.4.8

libavlibavMatch0.4.9pre1

libavlibavMatch0.5

libavlibavMatch0.5.4

libavlibavMatch0.6

libavlibavMatch0.6.1

libavlibavMatch0.6.2

libavlibavMatch0.7beta1

libavlibavMatch0.7beta2

CPENameOperatorVersion
ffmpeg:ffmpegffmpegle0.7.2
ffmpeg:ffmpegffmpegeq0.3
ffmpeg:ffmpegffmpegeq0.3.1
ffmpeg:ffmpegffmpegeq0.3.2
ffmpeg:ffmpegffmpegeq0.3.3
ffmpeg:ffmpegffmpegeq0.3.4
ffmpeg:ffmpegffmpegeq0.4.0
ffmpeg:ffmpegffmpegeq0.4.2
ffmpeg:ffmpegffmpegeq0.4.3
ffmpeg:ffmpegffmpegeq0.4.4

CPE	Name	Operator	Version
ffmpeg:ffmpeg	ffmpeg	le	0.7.2
ffmpeg:ffmpeg	ffmpeg	eq	0.3
ffmpeg:ffmpeg	ffmpeg	eq	0.3.1
ffmpeg:ffmpeg	ffmpeg	eq	0.3.2
ffmpeg:ffmpeg	ffmpeg	eq	0.3.3
ffmpeg:ffmpeg	ffmpeg	eq	0.3.4
ffmpeg:ffmpeg	ffmpeg	eq	0.4.0
ffmpeg:ffmpeg	ffmpeg	eq	0.4.2
ffmpeg:ffmpeg	ffmpeg	eq	0.4.3
ffmpeg:ffmpeg	ffmpeg	eq	0.4.4