ID CVE-2011-3951 Type cve Reporter cve@mitre.org Modified 2012-08-21T04:00:00
Description
The dpcm_decode_frame function in dpcm.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted stereo stream in a media file.
{"openvas": [{"lastseen": "2017-07-24T12:50:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3952", "CVE-2012-0851", "CVE-2011-3951", "CVE-2012-0852"], "description": "The remote host is missing an update to ffmpeg\nannounced via advisory DSA 2494-1.", "modified": "2017-07-07T00:00:00", "published": "2012-08-10T00:00:00", "id": "OPENVAS:71472", "href": "http://plugins.openvas.org/nasl.php?oid=71472", "type": "openvas", "title": "Debian Security Advisory DSA 2494-1 (ffmpeg)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2494_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2494-1 (ffmpeg)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that ffmpeg, Debian's version of the libav media\ncodec suite, contains vulnerabilities in the DPCM codecs\n(CVE-2011-3951), H.264 (CVE-2012-0851), ADPCM (CVE-2012-0852), and the\nKMVC decoder (CVE-2011-3952).\n\nIn addition, this update contains bug fixes from the libav 0.5.9\nupstream release.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 4:0.5.9-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 6:0.8.3-1.\n\nWe recommend that you upgrade your ffmpeg packages.\";\ntag_summary = \"The remote host is missing an update to ffmpeg\nannounced via advisory DSA 2494-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202494-1\";\n\nif(description)\n{\n script_id(71472);\n script_cve_id(\"CVE-2011-3951\", \"CVE-2011-3952\", \"CVE-2012-0851\", \"CVE-2012-0852\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:05:54 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Debian Security Advisory DSA 2494-1 (ffmpeg)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"ffmpeg\", ver:\"4:0.5.9-1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ffmpeg-dbg\", ver:\"4:0.5.9-1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ffmpeg-doc\", ver:\"4:0.5.9-1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavcodec-dev\", ver:\"4:0.5.9-1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavcodec52\", ver:\"4:0.5.9-1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavdevice-dev\", ver:\"4:0.5.9-1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavdevice52\", ver:\"4:0.5.9-1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavfilter-dev\", ver:\"4:0.5.9-1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavfilter0\", ver:\"4:0.5.9-1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavformat-dev\", ver:\"4:0.5.9-1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavformat52\", ver:\"4:0.5.9-1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavutil-dev\", ver:\"4:0.5.9-1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavutil49\", ver:\"4:0.5.9-1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libpostproc-dev\", ver:\"4:0.5.9-1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libpostproc51\", ver:\"4:0.5.9-1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libswscale-dev\", ver:\"4:0.5.9-1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libswscale0\", ver:\"4:0.5.9-1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3952", "CVE-2012-0851", "CVE-2011-3951", "CVE-2012-0852"], "description": "The remote host is missing an update to ffmpeg\nannounced via advisory DSA 2494-1.", "modified": "2019-03-18T00:00:00", "published": "2012-08-10T00:00:00", "id": "OPENVAS:136141256231071472", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071472", "type": "openvas", "title": "Debian Security Advisory DSA 2494-1 (ffmpeg)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2494_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2494-1 (ffmpeg)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71472\");\n script_cve_id(\"CVE-2011-3951\", \"CVE-2011-3952\", \"CVE-2012-0851\", \"CVE-2012-0852\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:05:54 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Debian Security Advisory DSA 2494-1 (ffmpeg)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202494-1\");\n script_tag(name:\"insight\", value:\"It was discovered that ffmpeg, Debian's version of the libav media\ncodec suite, contains vulnerabilities in the DPCM codecs\n(CVE-2011-3951), H.264 (CVE-2012-0851), ADPCM (CVE-2012-0852), and the\nKMVC decoder (CVE-2011-3952).\n\nIn addition, this update contains bug fixes from the libav 0.5.9\nupstream release.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 4:0.5.9-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 6:0.8.3-1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your ffmpeg packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to ffmpeg\nannounced via advisory DSA 2494-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"ffmpeg\", ver:\"4:0.5.9-1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ffmpeg-dbg\", ver:\"4:0.5.9-1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ffmpeg-doc\", ver:\"4:0.5.9-1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavcodec-dev\", ver:\"4:0.5.9-1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavcodec52\", ver:\"4:0.5.9-1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavdevice-dev\", ver:\"4:0.5.9-1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavdevice52\", ver:\"4:0.5.9-1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavfilter-dev\", ver:\"4:0.5.9-1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavfilter0\", ver:\"4:0.5.9-1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavformat-dev\", ver:\"4:0.5.9-1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavformat52\", ver:\"4:0.5.9-1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavutil-dev\", ver:\"4:0.5.9-1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavutil49\", ver:\"4:0.5.9-1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libpostproc-dev\", ver:\"4:0.5.9-1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libpostproc51\", ver:\"4:0.5.9-1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libswscale-dev\", ver:\"4:0.5.9-1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libswscale0\", ver:\"4:0.5.9-1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-12-04T11:21:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3936", "CVE-2011-3952", "CVE-2012-0851", "CVE-2011-3940", "CVE-2011-3947", "CVE-2012-0858", "CVE-2011-3951", "CVE-2012-0852", "CVE-2012-0853", "CVE-2011-3929", "CVE-2012-0947", "CVE-2012-0859"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1479-1", "modified": "2017-12-01T00:00:00", "published": "2012-06-19T00:00:00", "id": "OPENVAS:841048", "href": "http://plugins.openvas.org/nasl.php?oid=841048", "type": "openvas", "title": "Ubuntu Update for ffmpeg USN-1479-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1479_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for ffmpeg USN-1479-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly\n handled certain malformed DV files. If a user were tricked into opening a\n crafted DV file, an attacker could cause a denial of service via\n application crash, or possibly execute arbitrary code with the privileges\n of the user invoking the program. (CVE-2011-3929, CVE-2011-3936)\n\n Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly\n handled certain malformed NSV files. If a user were tricked into opening a\n crafted NSV file, an attacker could cause a denial of service via\n application crash, or possibly execute arbitrary code with the privileges\n of the user invoking the program. (CVE-2011-3940)\n\n Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly\n handled certain malformed MJPEG-B files. If a user were tricked into\n opening a crafted MJPEG-B file, an attacker could cause a denial of service\n via application crash, or possibly execute arbitrary code with the\n privileges of the user invoking the program. (CVE-2011-3947)\n\n Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly\n handled certain malformed DPCM files. If a user were tricked into opening a\n crafted DPCM file, an attacker could cause a denial of service via\n application crash, or possibly execute arbitrary code with the privileges\n of the user invoking the program. (CVE-2011-3951)\n\n Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly\n handled certain malformed KMVC files. If a user were tricked into opening a\n crafted KMVC file, an attacker could cause a denial of service via\n application crash, or possibly execute arbitrary code with the privileges\n of the user invoking the program. (CVE-2011-3952)\n\n It was discovered that FFmpeg incorrectly handled certain malformed H.264\n files. If a user were tricked into opening a crafted H.264 file, an\n attacker could cause a denial of service via application crash, or possibly\n execute arbitrary code with the privileges of the user invoking the\n program. (CVE-2012-0851)\n\n It was discovered that FFmpeg incorrectly handled certain malformed ADPCM\n files. If a user were tricked into opening a crafted ADPCM file, an\n attacker could cause a denial of service via application crash, or possibly\n execute arbitrary code with the privileges of the user invoking the\n program. (CVE-2012-0852)\n\n It was discovered that FFmpeg incorrectly handled certain malformed Atrac 3\n files. If a user were tricked into opening a crafted Atrac 3 file, an\n attacker could cause a denial of service via application crash, ...\n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1479-1\";\ntag_affected = \"ffmpeg on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1479-1/\");\n script_id(841048);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-19 09:42:08 +0530 (Tue, 19 Jun 2012)\");\n script_cve_id(\"CVE-2011-3929\", \"CVE-2011-3936\", \"CVE-2011-3940\", \"CVE-2011-3947\",\n \"CVE-2011-3951\", \"CVE-2011-3952\", \"CVE-2012-0851\", \"CVE-2012-0852\",\n \"CVE-2012-0853\", \"CVE-2012-0858\", \"CVE-2012-0859\", \"CVE-2012-0947\");\n script_xref(name: \"USN\", value: \"1479-1\");\n script_name(\"Ubuntu Update for ffmpeg USN-1479-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libavcodec52\", ver:\"0.5.9-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavformat52\", ver:\"0.5.9-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3936", "CVE-2011-3952", "CVE-2012-0851", "CVE-2011-3940", "CVE-2011-3947", "CVE-2012-0858", "CVE-2011-3951", "CVE-2012-0852", "CVE-2012-0853", "CVE-2011-3929", "CVE-2012-0947", "CVE-2012-0859"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1479-1", "modified": "2019-03-13T00:00:00", "published": "2012-06-19T00:00:00", "id": "OPENVAS:1361412562310841048", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841048", "type": "openvas", "title": "Ubuntu Update for ffmpeg USN-1479-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1479_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for ffmpeg USN-1479-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1479-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841048\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-19 09:42:08 +0530 (Tue, 19 Jun 2012)\");\n script_cve_id(\"CVE-2011-3929\", \"CVE-2011-3936\", \"CVE-2011-3940\", \"CVE-2011-3947\",\n \"CVE-2011-3951\", \"CVE-2011-3952\", \"CVE-2012-0851\", \"CVE-2012-0852\",\n \"CVE-2012-0853\", \"CVE-2012-0858\", \"CVE-2012-0859\", \"CVE-2012-0947\");\n script_xref(name:\"USN\", value:\"1479-1\");\n script_name(\"Ubuntu Update for ffmpeg USN-1479-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1479-1\");\n script_tag(name:\"affected\", value:\"ffmpeg on Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly\n handled certain malformed DV files. If a user were tricked into opening a\n crafted DV file, an attacker could cause a denial of service via\n application crash, or possibly execute arbitrary code with the privileges\n of the user invoking the program. (CVE-2011-3929, CVE-2011-3936)\n\n Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly\n handled certain malformed NSV files. If a user were tricked into opening a\n crafted NSV file, an attacker could cause a denial of service via\n application crash, or possibly execute arbitrary code with the privileges\n of the user invoking the program. (CVE-2011-3940)\n\n Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly\n handled certain malformed MJPEG-B files. If a user were tricked into\n opening a crafted MJPEG-B file, an attacker could cause a denial of service\n via application crash, or possibly execute arbitrary code with the\n privileges of the user invoking the program. (CVE-2011-3947)\n\n Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly\n handled certain malformed DPCM files. If a user were tricked into opening a\n crafted DPCM file, an attacker could cause a denial of service via\n application crash, or possibly execute arbitrary code with the privileges\n of the user invoking the program. (CVE-2011-3951)\n\n Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly\n handled certain malformed KMVC files. If a user were tricked into opening a\n crafted KMVC file, an attacker could cause a denial of service via\n application crash, or possibly execute arbitrary code with the privileges\n of the user invoking the program. (CVE-2011-3952)\n\n It was discovered that FFmpeg incorrectly handled certain malformed H.264\n files. If a user were tricked into opening a crafted H.264 file, an\n attacker could cause a denial of service via application crash, or possibly\n execute arbitrary code with the privileges of the user invoking the\n program. (CVE-2012-0851)\n\n It was discovered that FFmpeg incorrectly handled certain malformed ADPCM\n files. If a user were tricked into opening a crafted ADPCM file, an\n attacker could cause a denial of service via application crash, or possibly\n execute arbitrary code with the privileges of the user invoking the\n program. (CVE-2012-0852)\n\n It was discovered that FFmpeg incorrectly handled certain malformed Atrac 3\n files. If a user were tricked into opening a crafted Atrac 3 file, an\n attacker could cause a denial of service via application crash, ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libavcodec52\", ver:\"0.5.9-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavformat52\", ver:\"0.5.9-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:50:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3937", "CVE-2011-3936", "CVE-2011-3952", "CVE-2012-0851", "CVE-2011-3940", "CVE-2011-3947", "CVE-2012-0858", "CVE-2011-3951", "CVE-2012-0848", "CVE-2012-0852", "CVE-2012-0853", "CVE-2011-3929", "CVE-2011-3945", "CVE-2012-0947"], "description": "The remote host is missing updates announced in\nadvisory GLSA 201210-06.", "modified": "2017-07-07T00:00:00", "published": "2012-10-22T00:00:00", "id": "OPENVAS:72522", "href": "http://plugins.openvas.org/nasl.php?oid=72522", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201210-06 (libav)", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been found in Libav, allowing\n attackers to execute arbitrary code or cause Denial of Service.\";\ntag_solution = \"All Libav users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-video/libav-0.8.3'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201210-06\nhttp://bugs.gentoo.org/show_bug.cgi?id=408555\nhttp://bugs.gentoo.org/show_bug.cgi?id=422537\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201210-06.\";\n\n \n \nif(description)\n{\n script_id(72522);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-3929\", \"CVE-2011-3936\", \"CVE-2011-3937\", \"CVE-2011-3940\", \"CVE-2011-3945\", \"CVE-2011-3947\", \"CVE-2011-3951\", \"CVE-2011-3952\", \"CVE-2012-0848\", \"CVE-2012-0851\", \"CVE-2012-0852\", \"CVE-2012-0853\", \"CVE-2012-0858\", \"CVE-2012-0947\");\n script_version(\"$Revision: 6593 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:18:14 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-22 08:43:44 -0400 (Mon, 22 Oct 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201210-06 (libav)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"media-video/libav\", unaffected: make_list(\"ge 0.8.3\"), vulnerable: make_list(\"lt 0.8.3\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3937", "CVE-2011-3936", "CVE-2011-3952", "CVE-2012-0851", "CVE-2011-3940", "CVE-2011-3947", "CVE-2012-0858", "CVE-2011-3951", "CVE-2012-0848", "CVE-2012-0852", "CVE-2012-0853", "CVE-2011-3929", "CVE-2011-3945", "CVE-2012-0947"], "description": "The remote host is missing updates announced in\nadvisory GLSA 201210-06.", "modified": "2018-10-12T00:00:00", "published": "2012-10-22T00:00:00", "id": "OPENVAS:136141256231072522", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231072522", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201210-06 (libav)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201210_06.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.72522\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-3929\", \"CVE-2011-3936\", \"CVE-2011-3937\", \"CVE-2011-3940\", \"CVE-2011-3945\", \"CVE-2011-3947\", \"CVE-2011-3951\", \"CVE-2011-3952\", \"CVE-2012-0848\", \"CVE-2012-0851\", \"CVE-2012-0852\", \"CVE-2012-0853\", \"CVE-2012-0858\", \"CVE-2012-0947\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-22 08:43:44 -0400 (Mon, 22 Oct 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201210-06 (libav)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been found in Libav, allowing\n attackers to execute arbitrary code or cause Denial of Service.\");\n script_tag(name:\"solution\", value:\"All Libav users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-video/libav-0.8.3'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201210-06\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=408555\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=422537\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201210-06.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"media-video/libav\", unaffected: make_list(\"ge 0.8.3\"), vulnerable: make_list(\"lt 0.8.3\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:21:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3936", "CVE-2011-3952", "CVE-2012-0851", "CVE-2011-3940", "CVE-2011-3947", "CVE-2012-0858", "CVE-2011-3951", "CVE-2012-0848", "CVE-2012-0852", "CVE-2011-4031", "CVE-2012-0850", "CVE-2012-0853", "CVE-2011-3929", "CVE-2011-3945", "CVE-2012-0947", "CVE-2012-0859"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1478-1", "modified": "2017-12-01T00:00:00", "published": "2012-06-19T00:00:00", "id": "OPENVAS:841046", "href": "http://plugins.openvas.org/nasl.php?oid=841046", "type": "openvas", "title": "Ubuntu Update for libav USN-1478-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1478_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for libav USN-1478-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\n handled certain malformed DV files. If a user were tricked into opening a\n crafted DV file, an attacker could cause a denial of service via\n application crash, or possibly execute arbitrary code with the privileges\n of the user invoking the program. This issue only affected Ubuntu 11.10.\n (CVE-2011-3929, CVE-2011-3936)\n\n Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\n handled certain malformed NSV files. If a user were tricked into opening a\n crafted NSV file, an attacker could cause a denial of service via\n application crash, or possibly execute arbitrary code with the privileges\n of the user invoking the program. This issue only affected Ubuntu 11.04 and\n Ubuntu 11.10. (CVE-2011-3940)\n\n Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\n handled certain malformed Kega Game Video (KGV1) files. If a user were\n tricked into opening a crafted Kega Game Video (KGV1) file, an attacker\n could cause a denial of service via application crash, or possibly execute\n arbitrary code with the privileges of the user invoking the program. This\n issue only affected Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3945)\n\n Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\n handled certain malformed MJPEG-B files. If a user were tricked into\n opening a crafted MJPEG-B file, an attacker could cause a denial of service\n via application crash, or possibly execute arbitrary code with the\n privileges of the user invoking the program. This issue only affected\n Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3947)\n\n Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\n handled certain malformed DPCM files. If a user were tricked into opening a\n crafted DPCM file, an attacker could cause a denial of service via\n application crash, or possibly execute arbitrary code with the privileges\n of the user invoking the program. This issue only affected Ubuntu 11.04 and\n Ubuntu 11.10. (CVE-2011-3951)\n\n Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\n handled certain malformed KMVC files. If a user were tricked into opening a\n crafted KMVC file, an attacker could cause a denial of service via\n application crash, or possibly execute arbitrary code with the privileges\n of the user invoking the program. This issue only affected Ubuntu 11.04 and\n Ubuntu 11.10. (CVE-2011-3952)\n\n Jeong Wook Oh discovered that Libav incorrectly handled certain malformed\n ASF files. If a user were tricked into ...\n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1478-1\";\ntag_affected = \"libav on Ubuntu 12.04 LTS ,\n Ubuntu 11.10 ,\n Ubuntu 11.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1478-1/\");\n script_id(841046);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-19 09:41:48 +0530 (Tue, 19 Jun 2012)\");\n script_cve_id(\"CVE-2011-3929\", \"CVE-2011-3936\", \"CVE-2011-3940\", \"CVE-2011-3945\",\n \"CVE-2011-3947\", \"CVE-2011-3951\", \"CVE-2011-3952\", \"CVE-2011-4031\",\n \"CVE-2012-0848\", \"CVE-2012-0850\", \"CVE-2012-0851\", \"CVE-2012-0852\",\n \"CVE-2012-0853\", \"CVE-2012-0858\", \"CVE-2012-0859\", \"CVE-2012-0947\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1478-1\");\n script_name(\"Ubuntu Update for libav USN-1478-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libavcodec53\", ver:\"0.8.3-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavformat53\", ver:\"0.8.3-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libavcodec53\", ver:\"0.7.6-0ubuntu0.11.10.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavformat53\", ver:\"0.7.6-0ubuntu0.11.10.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libavcodec52\", ver:\"0.6.6-0ubuntu0.11.04.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavformat52\", ver:\"0.6.6-0ubuntu0.11.04.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3936", "CVE-2011-3952", "CVE-2012-0851", "CVE-2011-3940", "CVE-2011-3947", "CVE-2012-0858", "CVE-2011-3951", "CVE-2012-0848", "CVE-2012-0852", "CVE-2011-4031", "CVE-2012-0850", "CVE-2012-0853", "CVE-2011-3929", "CVE-2011-3945", "CVE-2012-0947", "CVE-2012-0859"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1478-1", "modified": "2019-03-13T00:00:00", "published": "2012-06-19T00:00:00", "id": "OPENVAS:1361412562310841046", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841046", "type": "openvas", "title": "Ubuntu Update for libav USN-1478-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1478_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for libav USN-1478-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1478-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841046\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-19 09:41:48 +0530 (Tue, 19 Jun 2012)\");\n script_cve_id(\"CVE-2011-3929\", \"CVE-2011-3936\", \"CVE-2011-3940\", \"CVE-2011-3945\",\n \"CVE-2011-3947\", \"CVE-2011-3951\", \"CVE-2011-3952\", \"CVE-2011-4031\",\n \"CVE-2012-0848\", \"CVE-2012-0850\", \"CVE-2012-0851\", \"CVE-2012-0852\",\n \"CVE-2012-0853\", \"CVE-2012-0858\", \"CVE-2012-0859\", \"CVE-2012-0947\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1478-1\");\n script_name(\"Ubuntu Update for libav USN-1478-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.04 LTS|11\\.10|11\\.04)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1478-1\");\n script_tag(name:\"affected\", value:\"libav on Ubuntu 12.04 LTS,\n Ubuntu 11.10,\n Ubuntu 11.04\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\n handled certain malformed DV files. If a user were tricked into opening a\n crafted DV file, an attacker could cause a denial of service via\n application crash, or possibly execute arbitrary code with the privileges\n of the user invoking the program. This issue only affected Ubuntu 11.10.\n (CVE-2011-3929, CVE-2011-3936)\n\n Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\n handled certain malformed NSV files. If a user were tricked into opening a\n crafted NSV file, an attacker could cause a denial of service via\n application crash, or possibly execute arbitrary code with the privileges\n of the user invoking the program. This issue only affected Ubuntu 11.04 and\n Ubuntu 11.10. (CVE-2011-3940)\n\n Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\n handled certain malformed Kega Game Video (KGV1) files. If a user were\n tricked into opening a crafted Kega Game Video (KGV1) file, an attacker\n could cause a denial of service via application crash, or possibly execute\n arbitrary code with the privileges of the user invoking the program. This\n issue only affected Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3945)\n\n Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\n handled certain malformed MJPEG-B files. If a user were tricked into\n opening a crafted MJPEG-B file, an attacker could cause a denial of service\n via application crash, or possibly execute arbitrary code with the\n privileges of the user invoking the program. This issue only affected\n Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3947)\n\n Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\n handled certain malformed DPCM files. If a user were tricked into opening a\n crafted DPCM file, an attacker could cause a denial of service via\n application crash, or possibly execute arbitrary code with the privileges\n of the user invoking the program. This issue only affected Ubuntu 11.04 and\n Ubuntu 11.10. (CVE-2011-3951)\n\n Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\n handled certain malformed KMVC files. If a user were tricked into opening a\n crafted KMVC file, an attacker could cause a denial of service via\n application crash, or possibly execute arbitrary code with the privileges\n of the user invoking the program. This issue only affected Ubuntu 11.04 and\n Ubuntu 11.10. (CVE-2011-3952)\n\n Jeong Wook Oh discovered that Libav incorrectly handled certain malformed\n ASF files. If a user were tricked into ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libavcodec53\", ver:\"0.8.3-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavformat53\", ver:\"0.8.3-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libavcodec53\", ver:\"0.7.6-0ubuntu0.11.10.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavformat53\", ver:\"0.7.6-0ubuntu0.11.10.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libavcodec52\", ver:\"0.6.6-0ubuntu0.11.04.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libavformat52\", ver:\"0.6.6-0ubuntu0.11.04.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3937", "CVE-2011-3936", "CVE-2011-3952", "CVE-2011-3940", "CVE-2011-3947", "CVE-2011-1931", "CVE-2009-4637", "CVE-2012-2773", "CVE-2012-2781", "CVE-2012-2778", "CVE-2009-4638", "CVE-2013-3673", "CVE-2010-3429", "CVE-2013-3674", "CVE-2011-3950", "CVE-2009-4639", "CVE-2009-4633", "CVE-2012-2789", "CVE-2013-3675", "CVE-2009-4635", "CVE-2012-2802", "CVE-2012-2805", "CVE-2012-2797", "CVE-2011-3951", "CVE-2012-2793", "CVE-2010-4704", "CVE-2012-2779", "CVE-2012-2771", "CVE-2012-2782", "CVE-2013-3672", "CVE-2012-2800", "CVE-2011-3934", "CVE-2012-2792", "CVE-2009-4634", "CVE-2012-2772", "CVE-2012-2788", "CVE-2011-3944", "CVE-2011-3893", "CVE-2011-3941", "CVE-2012-2786", "CVE-2011-4351", "CVE-2013-3670", "CVE-2012-2777", "CVE-2009-4631", "CVE-2012-2775", "CVE-2012-2790", "CVE-2011-3973", "CVE-2012-2803", "CVE-2009-4640", "CVE-2011-3929", "CVE-2012-2795", "CVE-2011-4364", "CVE-2012-2784", "CVE-2009-4632", "CVE-2011-3895", "CVE-2012-2801", "CVE-2010-4705", "CVE-2011-4353", "CVE-2011-3945", "CVE-2011-3974", "CVE-2011-3935", "CVE-2011-3362", "CVE-2012-2783", "CVE-2012-2774", "CVE-2012-2785", "CVE-2012-2787", "CVE-2012-2796", "CVE-2012-0947", "CVE-2012-2780", "CVE-2009-4636", "CVE-2012-2794", "CVE-2012-2804", "CVE-2012-2776", "CVE-2011-4352", "CVE-2012-2791", "CVE-2013-3671", "CVE-2011-3949", "CVE-2010-3908", "CVE-2012-2799", "CVE-2012-2798", "CVE-2011-3946"], "description": "Gentoo Linux Local Security Checks GLSA 201310-12", "modified": "2018-10-26T00:00:00", "published": "2015-09-29T00:00:00", "id": "OPENVAS:1361412562310121050", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121050", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201310-12", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201310-12.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121050\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:26:08 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201310-12\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in FFmpeg. Please review the CVE identifiers and FFmpeg changelogs referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201310-12\");\n script_cve_id(\"CVE-2009-4631\", \"CVE-2009-4632\", \"CVE-2009-4633\", \"CVE-2009-4634\", \"CVE-2009-4635\", \"CVE-2009-4636\", \"CVE-2009-4637\", \"CVE-2009-4638\", \"CVE-2009-4639\", \"CVE-2009-4640\", \"CVE-2010-3429\", \"CVE-2010-3908\", \"CVE-2010-4704\", \"CVE-2010-4705\", \"CVE-2011-1931\", \"CVE-2011-3362\", \"CVE-2011-3893\", \"CVE-2011-3895\", \"CVE-2011-3929\", \"CVE-2011-3934\", \"CVE-2011-3935\", \"CVE-2011-3936\", \"CVE-2011-3937\", \"CVE-2011-3940\", \"CVE-2011-3941\", \"CVE-2011-3944\", \"CVE-2011-3945\", \"CVE-2011-3946\", \"CVE-2011-3947\", \"CVE-2011-3949\", \"CVE-2011-3950\", \"CVE-2011-3951\", \"CVE-2011-3952\", \"CVE-2011-3973\", \"CVE-2011-3974\", \"CVE-2011-4351\", \"CVE-2011-4352\", \"CVE-2011-4353\", \"CVE-2011-4364\", \"CVE-2012-0947\", \"CVE-2012-2771\", \"CVE-2012-2772\", \"CVE-2012-2773\", \"CVE-2012-2774\", \"CVE-2012-2775\", \"CVE-2012-2776\", \"CVE-2012-2777\", \"CVE-2012-2778\", \"CVE-2012-2779\", \"CVE-2012-2780\", \"CVE-2012-2781\", \"CVE-2012-2782\", \"CVE-2012-2783\", \"CVE-2012-2784\", \"CVE-2012-2785\", \"CVE-2012-2786\", \"CVE-2012-2787\", \"CVE-2012-2788\", \"CVE-2012-2789\", \"CVE-2012-2790\", \"CVE-2012-2791\", \"CVE-2012-2792\", \"CVE-2012-2793\", \"CVE-2012-2794\", \"CVE-2012-2795\", \"CVE-2012-2796\", \"CVE-2012-2797\", \"CVE-2012-2798\", \"CVE-2012-2799\", \"CVE-2012-2800\", \"CVE-2012-2801\", \"CVE-2012-2802\", \"CVE-2012-2803\", \"CVE-2012-2804\", \"CVE-2012-2805\", \"CVE-2013-3670\", \"CVE-2013-3671\", \"CVE-2013-3672\", \"CVE-2013-3673\", \"CVE-2013-3674\", \"CVE-2013-3675\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201310-12\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"media-video/ffmpeg\", unaffected: make_list(\"ge 1.0.7\"), vulnerable: make_list(\"lt 1.0.7\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:44", "bulletinFamily": "software", "cvelist": ["CVE-2011-3952", "CVE-2012-0851", "CVE-2011-3951", "CVE-2012-0852"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2494-1 security@debian.org\r\nhttp://www.debian.org/security/ Florian Weimer\r\nJune 14, 2012 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : ffmpeg\r\nVulnerability : several\r\nProblem type : local (remote)\r\nDebian-specific: no\r\nCVE ID : CVE-2011-3951 CVE-2011-3952 CVE-2012-0851 CVE-2012-0852\r\n\r\nIt was discovered that ffmpeg, Debian's version of the libav media\r\ncodec suite, contains vulnerabilities in the DPCM codecs\r\n(CVE-2011-3951), H.264 (CVE-2012-0851), ADPCM (CVE-2012-0852), and the\r\nKMVC decoder (CVE-2011-3952).\r\n\r\nIn addition, this update contains bug fixes from the libav 0.5.9\r\nupstream release.\r\n\r\nFor the stable distribution (squeeze), these problems have been fixed\r\nin version 4:0.5.9-1.\r\n\r\nFor the unstable distribution (sid), these problems have been fixed in\r\nversion 6:0.8.3-1.\r\n\r\nWe recommend that you upgrade your ffmpeg packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 (GNU/Linux)\r\n\r\niQEcBAEBAgAGBQJP2k13AAoJEL97/wQC1SS+TuYH/RScyYCdJY4Jp/9tPPguY3zT\r\ncL9CK3T82UqbMRYrMXUwIcCooprBul1gJnD9k0desREY6TZ9qB90EFozu9wlW7fD\r\nNlQXqhKJEhXXn66h/byt0etds67HjzQ+56NhUxn2tC+ImKkxuycal9I/n8IwtPYW\r\nwOMdOmpHlJsncJ5P6sh1v3oVBwVHoX4DqYI3xYf8oK+2LFOSxJSdN76WhQNA84WD\r\nwnn2b0V/AhGONMb/ZtgRP6krK9HFyALay4V7hc4hpk6ywPA+fSUhsPqLDfMe6G3E\r\nkIx80w0yJwxFRG9DMr1aBkAKxdfeTTKv7IyZap7cO/0pEQxRgT49vBkNZj0KjY8=\r\n=jSXR\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2012-06-17T00:00:00", "published": "2012-06-17T00:00:00", "id": "SECURITYVULNS:DOC:28154", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28154", "title": "[SECURITY] [DSA 2494-1] ffmpeg security update", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:47", "bulletinFamily": "software", "cvelist": ["CVE-2011-3936", "CVE-2011-3952", "CVE-2012-0851", "CVE-2011-3940", "CVE-2011-3947", "CVE-2012-2789", "CVE-2012-2802", "CVE-2011-3951", "CVE-2012-2793", "CVE-2012-2779", "CVE-2012-2800", "CVE-2012-2772", "CVE-2012-2788", "CVE-2012-0852", "CVE-2011-3893", "CVE-2012-2786", "CVE-2012-2777", "CVE-2012-2775", "CVE-2012-2790", "CVE-2012-0853", "CVE-2011-3929", "CVE-2012-2784", "CVE-2011-3895", "CVE-2012-2801", "CVE-2011-3892", "CVE-2012-2787", "CVE-2012-2796", "CVE-2012-0947", "CVE-2012-2794", "CVE-2012-2776", "CVE-2012-2798"], "description": "Multiple security vulnerabilities on Westwood Studios VQA, Apple MJPEG-B, Theora, Matroska, Vorbis, Sony ATRAC3, DV, NSV parsing.", "edition": 1, "modified": "2012-06-17T00:00:00", "published": "2012-06-17T00:00:00", "id": "SECURITYVULNS:VULN:12385", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12385", "title": "ffmpeg library multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-11-11T13:12:30", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3952", "CVE-2012-0851", "CVE-2011-3951", "CVE-2012-0852"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2494-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nJune 14, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : ffmpeg\nVulnerability : several\nProblem type : local (remote)\nDebian-specific: no\nCVE ID : CVE-2011-3951 CVE-2011-3952 CVE-2012-0851 CVE-2012-0852\n\nIt was discovered that ffmpeg, Debian's version of the libav media\ncodec suite, contains vulnerabilities in the DPCM codecs\n(CVE-2011-3951), H.264 (CVE-2012-0851), ADPCM (CVE-2012-0852), and the\nKMVC decoder (CVE-2011-3952).\n\nIn addition, this update contains bug fixes from the libav 0.5.9\nupstream release.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 4:0.5.9-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 6:0.8.3-1.\n\nWe recommend that you upgrade your ffmpeg packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2012-06-14T20:24:35", "published": "2012-06-14T20:24:35", "id": "DEBIAN:DSA-2494-1:798C5", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00134.html", "title": "[SECURITY] [DSA 2494-1] ffmpeg security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-12T09:47:31", "description": "It was discovered that FFmpeg, Debian's version of the Libav media\ncodec suite, contains vulnerabilities in the DPCM codecs\n(CVE-2011-3951 ), H.264 (CVE-2012-0851 ), ADPCM (CVE-2012-0852 ), and\nthe KMVC decoder (CVE-2011-3952 ).\n\nIn addition, this update contains bug fixes from the Libav 0.5.9\nupstream release.", "edition": 17, "published": "2012-06-29T00:00:00", "title": "Debian DSA-2494-1 : ffmpeg - several vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3952", "CVE-2012-0851", "CVE-2011-3951", "CVE-2012-0852"], "modified": "2012-06-29T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:ffmpeg"], "id": "DEBIAN_DSA-2494.NASL", "href": "https://www.tenable.com/plugins/nessus/59772", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2494. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59772);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-3951\", \"CVE-2011-3952\", \"CVE-2012-0851\", \"CVE-2012-0852\");\n script_bugtraq_id(51307, 51720);\n script_xref(name:\"DSA\", value:\"2494\");\n\n script_name(english:\"Debian DSA-2494-1 : ffmpeg - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that FFmpeg, Debian's version of the Libav media\ncodec suite, contains vulnerabilities in the DPCM codecs\n(CVE-2011-3951 ), H.264 (CVE-2012-0851 ), ADPCM (CVE-2012-0852 ), and\nthe KMVC decoder (CVE-2011-3952 ).\n\nIn addition, this update contains bug fixes from the Libav 0.5.9\nupstream release.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-3951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-0851\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-0852\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-3952\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/ffmpeg\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2494\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the ffmpeg packages.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 4:0.5.9-1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ffmpeg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"ffmpeg\", reference:\"4:0.5.9-1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ffmpeg-dbg\", reference:\"4:0.5.9-1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ffmpeg-doc\", reference:\"4:0.5.9-1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libavcodec-dev\", reference:\"4:0.5.9-1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libavcodec52\", reference:\"4:0.5.9-1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libavdevice-dev\", reference:\"4:0.5.9-1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libavdevice52\", reference:\"4:0.5.9-1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libavfilter-dev\", reference:\"4:0.5.9-1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libavfilter0\", reference:\"4:0.5.9-1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libavformat-dev\", reference:\"4:0.5.9-1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libavformat52\", reference:\"4:0.5.9-1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libavutil-dev\", reference:\"4:0.5.9-1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libavutil49\", reference:\"4:0.5.9-1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libpostproc-dev\", reference:\"4:0.5.9-1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libpostproc51\", reference:\"4:0.5.9-1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libswscale-dev\", reference:\"4:0.5.9-1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libswscale0\", reference:\"4:0.5.9-1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T06:37:59", "description": "Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg\nincorrectly handled certain malformed DV files. If a user were tricked\ninto opening a crafted DV file, an attacker could cause a denial of\nservice via application crash, or possibly execute arbitrary code with\nthe privileges of the user invoking the program. (CVE-2011-3929,\nCVE-2011-3936)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg\nincorrectly handled certain malformed NSV files. If a user were\ntricked into opening a crafted NSV file, an attacker could cause a\ndenial of service via application crash, or possibly execute arbitrary\ncode with the privileges of the user invoking the program.\n(CVE-2011-3940)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg\nincorrectly handled certain malformed MJPEG-B files. If a user were\ntricked into opening a crafted MJPEG-B file, an attacker could cause a\ndenial of service via application crash, or possibly execute arbitrary\ncode with the privileges of the user invoking the program.\n(CVE-2011-3947)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg\nincorrectly handled certain malformed DPCM files. If a user were\ntricked into opening a crafted DPCM file, an attacker could cause a\ndenial of service via application crash, or possibly execute arbitrary\ncode with the privileges of the user invoking the program.\n(CVE-2011-3951)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg\nincorrectly handled certain malformed KMVC files. If a user were\ntricked into opening a crafted KMVC file, an attacker could cause a\ndenial of service via application crash, or possibly execute arbitrary\ncode with the privileges of the user invoking the program.\n(CVE-2011-3952)\n\nIt was discovered that FFmpeg incorrectly handled certain malformed\nH.264 files. If a user were tricked into opening a crafted H.264 file,\nan attacker could cause a denial of service via application crash, or\npossibly execute arbitrary code with the privileges of the user\ninvoking the program. (CVE-2012-0851)\n\nIt was discovered that FFmpeg incorrectly handled certain malformed\nADPCM files. If a user were tricked into opening a crafted ADPCM file,\nan attacker could cause a denial of service via application crash, or\npossibly execute arbitrary code with the privileges of the user\ninvoking the program. (CVE-2012-0852)\n\nIt was discovered that FFmpeg incorrectly handled certain malformed\nAtrac 3 files. If a user were tricked into opening a crafted Atrac 3\nfile, an attacker could cause a denial of service via application\ncrash, or possibly execute arbitrary code with the privileges of the\nuser invoking the program. (CVE-2012-0853)\n\nIt was discovered that FFmpeg incorrectly handled certain malformed\nShorten files. If a user were tricked into opening a crafted Shorten\nfile, an attacker could cause a denial of service via application\ncrash, or possibly execute arbitrary code with the privileges of the\nuser invoking the program. (CVE-2012-0858)\n\nIt was discovered that FFmpeg incorrectly handled certain malformed\nVorbis files. If a user were tricked into opening a crafted Vorbis\nfile, an attacker could cause a denial of service via application\ncrash, or possibly execute arbitrary code with the privileges of the\nuser invoking the program. (CVE-2012-0859)\n\nFabian Yamaguchi discovered that FFmpeg incorrectly handled certain\nmalformed VQA files. If a user were tricked into opening a crafted VQA\nfile, an attacker could cause a denial of service via application\ncrash, or possibly execute arbitrary code with the privileges of the\nuser invoking the program. (CVE-2012-0947).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2012-06-19T00:00:00", "title": "Ubuntu 10.04 LTS : ffmpeg vulnerabilities (USN-1479-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3936", "CVE-2011-3952", "CVE-2012-0851", "CVE-2011-3940", "CVE-2011-3947", "CVE-2012-0858", "CVE-2011-3951", "CVE-2012-0852", "CVE-2012-0853", "CVE-2011-3929", "CVE-2012-0947", "CVE-2012-0859"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libavformat52", "p-cpe:/a:canonical:ubuntu_linux:libavcodec52"], "id": "UBUNTU_USN-1479-1.NASL", "href": "https://www.tenable.com/plugins/nessus/59566", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1479-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59566);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2011-3929\", \"CVE-2011-3936\", \"CVE-2011-3940\", \"CVE-2011-3947\", \"CVE-2011-3951\", \"CVE-2011-3952\", \"CVE-2012-0851\", \"CVE-2012-0852\", \"CVE-2012-0853\", \"CVE-2012-0858\", \"CVE-2012-0859\", \"CVE-2012-0947\");\n script_bugtraq_id(51307, 51720, 53389);\n script_xref(name:\"USN\", value:\"1479-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : ffmpeg vulnerabilities (USN-1479-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg\nincorrectly handled certain malformed DV files. If a user were tricked\ninto opening a crafted DV file, an attacker could cause a denial of\nservice via application crash, or possibly execute arbitrary code with\nthe privileges of the user invoking the program. (CVE-2011-3929,\nCVE-2011-3936)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg\nincorrectly handled certain malformed NSV files. If a user were\ntricked into opening a crafted NSV file, an attacker could cause a\ndenial of service via application crash, or possibly execute arbitrary\ncode with the privileges of the user invoking the program.\n(CVE-2011-3940)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg\nincorrectly handled certain malformed MJPEG-B files. If a user were\ntricked into opening a crafted MJPEG-B file, an attacker could cause a\ndenial of service via application crash, or possibly execute arbitrary\ncode with the privileges of the user invoking the program.\n(CVE-2011-3947)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg\nincorrectly handled certain malformed DPCM files. If a user were\ntricked into opening a crafted DPCM file, an attacker could cause a\ndenial of service via application crash, or possibly execute arbitrary\ncode with the privileges of the user invoking the program.\n(CVE-2011-3951)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg\nincorrectly handled certain malformed KMVC files. If a user were\ntricked into opening a crafted KMVC file, an attacker could cause a\ndenial of service via application crash, or possibly execute arbitrary\ncode with the privileges of the user invoking the program.\n(CVE-2011-3952)\n\nIt was discovered that FFmpeg incorrectly handled certain malformed\nH.264 files. If a user were tricked into opening a crafted H.264 file,\nan attacker could cause a denial of service via application crash, or\npossibly execute arbitrary code with the privileges of the user\ninvoking the program. (CVE-2012-0851)\n\nIt was discovered that FFmpeg incorrectly handled certain malformed\nADPCM files. If a user were tricked into opening a crafted ADPCM file,\nan attacker could cause a denial of service via application crash, or\npossibly execute arbitrary code with the privileges of the user\ninvoking the program. (CVE-2012-0852)\n\nIt was discovered that FFmpeg incorrectly handled certain malformed\nAtrac 3 files. If a user were tricked into opening a crafted Atrac 3\nfile, an attacker could cause a denial of service via application\ncrash, or possibly execute arbitrary code with the privileges of the\nuser invoking the program. (CVE-2012-0853)\n\nIt was discovered that FFmpeg incorrectly handled certain malformed\nShorten files. If a user were tricked into opening a crafted Shorten\nfile, an attacker could cause a denial of service via application\ncrash, or possibly execute arbitrary code with the privileges of the\nuser invoking the program. (CVE-2012-0858)\n\nIt was discovered that FFmpeg incorrectly handled certain malformed\nVorbis files. If a user were tricked into opening a crafted Vorbis\nfile, an attacker could cause a denial of service via application\ncrash, or possibly execute arbitrary code with the privileges of the\nuser invoking the program. (CVE-2012-0859)\n\nFabian Yamaguchi discovered that FFmpeg incorrectly handled certain\nmalformed VQA files. If a user were tricked into opening a crafted VQA\nfile, an attacker could cause a denial of service via application\ncrash, or possibly execute arbitrary code with the privileges of the\nuser invoking the program. (CVE-2012-0947).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1479-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libavcodec52 and / or libavformat52 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavcodec52\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavformat52\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/08/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libavcodec52\", pkgver:\"4:0.5.9-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libavformat52\", pkgver:\"4:0.5.9-0ubuntu0.10.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libavcodec52 / libavformat52\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:54:30", "description": "The remote host is affected by the vulnerability described in GLSA-201210-06\n(Libav: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Libav. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted media\n file in an application linked against Libav, possibly resulting in\n execution of arbitrary code with the privileges of the application or a\n Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 21, "published": "2012-10-22T00:00:00", "title": "GLSA-201210-06 : Libav: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3937", "CVE-2011-3936", "CVE-2011-3952", "CVE-2012-0851", "CVE-2011-3940", "CVE-2011-3947", "CVE-2012-0858", "CVE-2011-3951", "CVE-2012-0848", "CVE-2012-0852", "CVE-2012-0853", "CVE-2011-3929", "CVE-2011-3945", "CVE-2012-0947"], "modified": "2012-10-22T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:libav"], "id": "GENTOO_GLSA-201210-06.NASL", "href": "https://www.tenable.com/plugins/nessus/62651", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201210-06.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62651);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-3929\", \"CVE-2011-3936\", \"CVE-2011-3937\", \"CVE-2011-3940\", \"CVE-2011-3945\", \"CVE-2011-3947\", \"CVE-2011-3951\", \"CVE-2011-3952\", \"CVE-2012-0848\", \"CVE-2012-0851\", \"CVE-2012-0852\", \"CVE-2012-0853\", \"CVE-2012-0858\", \"CVE-2012-0947\");\n script_bugtraq_id(51307, 51720, 53389);\n script_xref(name:\"GLSA\", value:\"201210-06\");\n\n script_name(english:\"GLSA-201210-06 : Libav: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201210-06\n(Libav: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Libav. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted media\n file in an application linked against Libav, possibly resulting in\n execution of arbitrary code with the privileges of the application or a\n Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201210-06\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Libav users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-video/libav-0.8.3'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libav\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-video/libav\", unaffected:make_list(\"ge 0.8.3\"), vulnerable:make_list(\"lt 0.8.3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Libav\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:37:59", "description": "Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\nhandled certain malformed DV files. If a user were tricked into\nopening a crafted DV file, an attacker could cause a denial of service\nvia application crash, or possibly execute arbitrary code with the\nprivileges of the user invoking the program. This issue only affected\nUbuntu 11.10. (CVE-2011-3929, CVE-2011-3936)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\nhandled certain malformed NSV files. If a user were tricked into\nopening a crafted NSV file, an attacker could cause a denial of\nservice via application crash, or possibly execute arbitrary code with\nthe privileges of the user invoking the program. This issue only\naffected Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3940)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\nhandled certain malformed Kega Game Video (KGV1) files. If a user were\ntricked into opening a crafted Kega Game Video (KGV1) file, an\nattacker could cause a denial of service via application crash, or\npossibly execute arbitrary code with the privileges of the user\ninvoking the program. This issue only affected Ubuntu 11.04 and Ubuntu\n11.10. (CVE-2011-3945)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\nhandled certain malformed MJPEG-B files. If a user were tricked into\nopening a crafted MJPEG-B file, an attacker could cause a denial of\nservice via application crash, or possibly execute arbitrary code with\nthe privileges of the user invoking the program. This issue only\naffected Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3947)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\nhandled certain malformed DPCM files. If a user were tricked into\nopening a crafted DPCM file, an attacker could cause a denial of\nservice via application crash, or possibly execute arbitrary code with\nthe privileges of the user invoking the program. This issue only\naffected Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3951)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\nhandled certain malformed KMVC files. If a user were tricked into\nopening a crafted KMVC file, an attacker could cause a denial of\nservice via application crash, or possibly execute arbitrary code with\nthe privileges of the user invoking the program. This issue only\naffected Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3952)\n\nJeong Wook Oh discovered that Libav incorrectly handled certain\nmalformed ASF files. If a user were tricked into opening a crafted ASF\nfile, an attacker could cause a denial of service via application\ncrash, or possibly execute arbitrary code with the privileges of the\nuser invoking the program. This issue only affected Ubuntu 11.10.\n(CVE-2011-4031)\n\nIt was discovered that Libav incorrectly handled certain malformed\nWestwood SNDx files. If a user were tricked into opening a crafted\nWestwood SNDx file, an attacker could cause a denial of service via\napplication crash, or possibly execute arbitrary code with the\nprivileges of the user invoking the program. This issue only affected\nUbuntu 11.10. (CVE-2012-0848)\n\nDiana Elena Muscalu discovered that Libav incorrectly handled certain\nmalformed AAC files. If a user were tricked into opening a crafted AAC\nfile, an attacker could cause a denial of service via application\ncrash, or possibly execute arbitrary code with the privileges of the\nuser invoking the program. This issue only affected Ubuntu 11.04 and\nUbuntu 11.10. (CVE-2012-0850)\n\nIt was discovered that Libav incorrectly handled certain malformed\nH.264 files. If a user were tricked into opening a crafted H.264 file,\nan attacker could cause a denial of service via application crash, or\npossibly execute arbitrary code with the privileges of the user\ninvoking the program. (CVE-2012-0851)\n\nIt was discovered that Libav incorrectly handled certain malformed\nADPCM files. If a user were tricked into opening a crafted ADPCM file,\nan attacker could cause a denial of service via application crash, or\npossibly execute arbitrary code with the privileges of the user\ninvoking the program. This issue only affected Ubuntu 11.04 and Ubuntu\n11.10. (CVE-2012-0852)\n\nIt was discovered that Libav incorrectly handled certain malformed\nAtrac 3 files. If a user were tricked into opening a crafted Atrac 3\nfile, an attacker could cause a denial of service via application\ncrash, or possibly execute arbitrary code with the privileges of the\nuser invoking the program. This issue only affected Ubuntu 11.04 and\nUbuntu 11.10. (CVE-2012-0853)\n\nIt was discovered that Libav incorrectly handled certain malformed\nShorten files. If a user were tricked into opening a crafted Shorten\nfile, an attacker could cause a denial of service via application\ncrash, or possibly execute arbitrary code with the privileges of the\nuser invoking the program. This issue only affected Ubuntu 11.04 and\nUbuntu 11.10. (CVE-2012-0858)\n\nIt was discovered that Libav incorrectly handled certain malformed\nVorbis files. If a user were tricked into opening a crafted Vorbis\nfile, an attacker could cause a denial of service via application\ncrash, or possibly execute arbitrary code with the privileges of the\nuser invoking the program. This issue only affected Ubuntu 11.04 and\nUbuntu 11.10. (CVE-2012-0859)\n\nFabian Yamaguchi discovered that Libav incorrectly handled certain\nmalformed VQA files. If a user were tricked into opening a crafted VQA\nfile, an attacker could cause a denial of service via application\ncrash, or possibly execute arbitrary code with the privileges of the\nuser invoking the program. (CVE-2012-0947).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2012-06-19T00:00:00", "title": "Ubuntu 11.04 / 11.10 / 12.04 LTS : libav vulnerabilities (USN-1478-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3936", "CVE-2011-3952", "CVE-2012-0851", "CVE-2011-3940", "CVE-2011-3947", "CVE-2012-0858", "CVE-2011-3951", "CVE-2012-0848", "CVE-2012-0852", "CVE-2011-4031", "CVE-2012-0850", "CVE-2012-0853", "CVE-2011-3929", "CVE-2011-3945", "CVE-2012-0947", "CVE-2012-0859"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:11.04", "p-cpe:/a:canonical:ubuntu_linux:libavformat52", "p-cpe:/a:canonical:ubuntu_linux:libavformat53", "p-cpe:/a:canonical:ubuntu_linux:libavcodec53", "p-cpe:/a:canonical:ubuntu_linux:libavcodec52", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1478-1.NASL", "href": "https://www.tenable.com/plugins/nessus/59565", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1478-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59565);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2011-3929\", \"CVE-2011-3936\", \"CVE-2011-3940\", \"CVE-2011-3945\", \"CVE-2011-3947\", \"CVE-2011-3951\", \"CVE-2011-3952\", \"CVE-2011-4031\", \"CVE-2012-0848\", \"CVE-2012-0850\", \"CVE-2012-0851\", \"CVE-2012-0852\", \"CVE-2012-0853\", \"CVE-2012-0858\", \"CVE-2012-0859\", \"CVE-2012-0947\");\n script_bugtraq_id(51307, 51720, 53389);\n script_xref(name:\"USN\", value:\"1478-1\");\n\n script_name(english:\"Ubuntu 11.04 / 11.10 / 12.04 LTS : libav vulnerabilities (USN-1478-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\nhandled certain malformed DV files. If a user were tricked into\nopening a crafted DV file, an attacker could cause a denial of service\nvia application crash, or possibly execute arbitrary code with the\nprivileges of the user invoking the program. This issue only affected\nUbuntu 11.10. (CVE-2011-3929, CVE-2011-3936)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\nhandled certain malformed NSV files. If a user were tricked into\nopening a crafted NSV file, an attacker could cause a denial of\nservice via application crash, or possibly execute arbitrary code with\nthe privileges of the user invoking the program. This issue only\naffected Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3940)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\nhandled certain malformed Kega Game Video (KGV1) files. If a user were\ntricked into opening a crafted Kega Game Video (KGV1) file, an\nattacker could cause a denial of service via application crash, or\npossibly execute arbitrary code with the privileges of the user\ninvoking the program. This issue only affected Ubuntu 11.04 and Ubuntu\n11.10. (CVE-2011-3945)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\nhandled certain malformed MJPEG-B files. If a user were tricked into\nopening a crafted MJPEG-B file, an attacker could cause a denial of\nservice via application crash, or possibly execute arbitrary code with\nthe privileges of the user invoking the program. This issue only\naffected Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3947)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\nhandled certain malformed DPCM files. If a user were tricked into\nopening a crafted DPCM file, an attacker could cause a denial of\nservice via application crash, or possibly execute arbitrary code with\nthe privileges of the user invoking the program. This issue only\naffected Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3951)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly\nhandled certain malformed KMVC files. If a user were tricked into\nopening a crafted KMVC file, an attacker could cause a denial of\nservice via application crash, or possibly execute arbitrary code with\nthe privileges of the user invoking the program. This issue only\naffected Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3952)\n\nJeong Wook Oh discovered that Libav incorrectly handled certain\nmalformed ASF files. If a user were tricked into opening a crafted ASF\nfile, an attacker could cause a denial of service via application\ncrash, or possibly execute arbitrary code with the privileges of the\nuser invoking the program. This issue only affected Ubuntu 11.10.\n(CVE-2011-4031)\n\nIt was discovered that Libav incorrectly handled certain malformed\nWestwood SNDx files. If a user were tricked into opening a crafted\nWestwood SNDx file, an attacker could cause a denial of service via\napplication crash, or possibly execute arbitrary code with the\nprivileges of the user invoking the program. This issue only affected\nUbuntu 11.10. (CVE-2012-0848)\n\nDiana Elena Muscalu discovered that Libav incorrectly handled certain\nmalformed AAC files. If a user were tricked into opening a crafted AAC\nfile, an attacker could cause a denial of service via application\ncrash, or possibly execute arbitrary code with the privileges of the\nuser invoking the program. This issue only affected Ubuntu 11.04 and\nUbuntu 11.10. (CVE-2012-0850)\n\nIt was discovered that Libav incorrectly handled certain malformed\nH.264 files. If a user were tricked into opening a crafted H.264 file,\nan attacker could cause a denial of service via application crash, or\npossibly execute arbitrary code with the privileges of the user\ninvoking the program. (CVE-2012-0851)\n\nIt was discovered that Libav incorrectly handled certain malformed\nADPCM files. If a user were tricked into opening a crafted ADPCM file,\nan attacker could cause a denial of service via application crash, or\npossibly execute arbitrary code with the privileges of the user\ninvoking the program. This issue only affected Ubuntu 11.04 and Ubuntu\n11.10. (CVE-2012-0852)\n\nIt was discovered that Libav incorrectly handled certain malformed\nAtrac 3 files. If a user were tricked into opening a crafted Atrac 3\nfile, an attacker could cause a denial of service via application\ncrash, or possibly execute arbitrary code with the privileges of the\nuser invoking the program. This issue only affected Ubuntu 11.04 and\nUbuntu 11.10. (CVE-2012-0853)\n\nIt was discovered that Libav incorrectly handled certain malformed\nShorten files. If a user were tricked into opening a crafted Shorten\nfile, an attacker could cause a denial of service via application\ncrash, or possibly execute arbitrary code with the privileges of the\nuser invoking the program. This issue only affected Ubuntu 11.04 and\nUbuntu 11.10. (CVE-2012-0858)\n\nIt was discovered that Libav incorrectly handled certain malformed\nVorbis files. If a user were tricked into opening a crafted Vorbis\nfile, an attacker could cause a denial of service via application\ncrash, or possibly execute arbitrary code with the privileges of the\nuser invoking the program. This issue only affected Ubuntu 11.04 and\nUbuntu 11.10. (CVE-2012-0859)\n\nFabian Yamaguchi discovered that Libav incorrectly handled certain\nmalformed VQA files. If a user were tricked into opening a crafted VQA\nfile, an attacker could cause a denial of service via application\ncrash, or possibly execute arbitrary code with the privileges of the\nuser invoking the program. (CVE-2012-0947).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1478-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavcodec52\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavcodec53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavformat52\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libavformat53\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(11\\.04|11\\.10|12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.04 / 11.10 / 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.04\", pkgname:\"libavcodec52\", pkgver:\"4:0.6.6-0ubuntu0.11.04.1\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"libavformat52\", pkgver:\"4:0.6.6-0ubuntu0.11.04.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"libavcodec53\", pkgver:\"4:0.7.6-0ubuntu0.11.10.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"libavformat53\", pkgver:\"4:0.7.6-0ubuntu0.11.10.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libavcodec53\", pkgver:\"4:0.8.3-0ubuntu0.12.04.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libavformat53\", pkgver:\"4:0.8.3-0ubuntu0.12.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libavcodec52 / libavcodec53 / libavformat52 / libavformat53\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:43:15", "description": "Bundled version of libav in gstreamer-ffmpeg contains a number of\nvulnerabilities.", "edition": 22, "published": "2013-08-21T00:00:00", "title": "FreeBSD : gstreamer-ffmpeg -- Multiple vulnerabilities in bundled libav (4d087b35-0990-11e3-a9f4-bcaec565249c)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3937", "CVE-2011-3936", "CVE-2011-3952", "CVE-2012-0851", "CVE-2011-3940", "CVE-2011-3947", "CVE-2012-0858", "CVE-2011-4579", "CVE-2011-3951", "CVE-2012-2793", "CVE-2012-2779", "CVE-2012-0848", "CVE-2012-2800", "CVE-2012-2772", "CVE-2012-2788", "CVE-2012-0852", "CVE-2011-3893", "CVE-2012-2786", "CVE-2011-4351", "CVE-2011-4031", "CVE-2012-0850", "CVE-2012-2777", "CVE-2012-2775", "CVE-2012-2790", "CVE-2012-0853", "CVE-2012-2803", "CVE-2011-3929", "CVE-2011-4364", "CVE-2012-2784", "CVE-2011-3895", "CVE-2012-2801", "CVE-2011-3892", "CVE-2011-4353", "CVE-2011-3945", "CVE-2012-2783", "CVE-2012-2787", "CVE-2012-0947", "CVE-2012-5144", "CVE-2012-2794", "CVE-2011-4352", "CVE-2012-2791", "CVE-2012-2798"], "modified": "2013-08-21T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:gstreamer-ffmpeg"], "id": "FREEBSD_PKG_4D087B35099011E3A9F4BCAEC565249C.NASL", "href": "https://www.tenable.com/plugins/nessus/69412", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(69412);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-3892\", \"CVE-2011-3893\", \"CVE-2011-3895\", \"CVE-2011-3929\", \"CVE-2011-3936\", \"CVE-2011-3937\", \"CVE-2011-3940\", \"CVE-2011-3945\", \"CVE-2011-3947\", \"CVE-2011-3951\", \"CVE-2011-3952\", \"CVE-2011-4031\", \"CVE-2011-4351\", \"CVE-2011-4352\", \"CVE-2011-4353\", \"CVE-2011-4364\", \"CVE-2011-4579\", \"CVE-2012-0848\", \"CVE-2012-0850\", \"CVE-2012-0851\", \"CVE-2012-0852\", \"CVE-2012-0853\", \"CVE-2012-0858\", \"CVE-2012-0947\", \"CVE-2012-2772\", \"CVE-2012-2775\", \"CVE-2012-2777\", \"CVE-2012-2779\", \"CVE-2012-2783\", \"CVE-2012-2784\", \"CVE-2012-2786\", \"CVE-2012-2787\", \"CVE-2012-2788\", \"CVE-2012-2790\", \"CVE-2012-2791\", \"CVE-2012-2793\", \"CVE-2012-2794\", \"CVE-2012-2798\", \"CVE-2012-2800\", \"CVE-2012-2801\", \"CVE-2012-2803\", \"CVE-2012-5144\");\n\n script_name(english:\"FreeBSD : gstreamer-ffmpeg -- Multiple vulnerabilities in bundled libav (4d087b35-0990-11e3-a9f4-bcaec565249c)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Bundled version of libav in gstreamer-ffmpeg contains a number of\nvulnerabilities.\"\n );\n # http://libav.org/releases/libav-0.7.7.changelog\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://libav.org/releases/libav-0.7.7.changelog\"\n );\n # https://vuxml.freebsd.org/freebsd/4d087b35-0990-11e3-a9f4-bcaec565249c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8f6a5c64\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gstreamer-ffmpeg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/08/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/08/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gstreamer-ffmpeg<0.10.13_1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:55:06", "description": "The remote host is affected by the vulnerability described in GLSA-201310-12\n(FFmpeg: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in FFmpeg. Please review\n the CVE identifiers and FFmpeg changelogs referenced below for details.\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted media\n file, possibly leading to the execution of arbitrary code with the\n privileges of the user running the application or a Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 26, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2013-10-27T00:00:00", "title": "GLSA-201310-12 : FFmpeg: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3937", "CVE-2011-3936", "CVE-2011-3952", "CVE-2011-3940", "CVE-2011-3947", "CVE-2011-1931", "CVE-2009-4637", "CVE-2012-2773", "CVE-2012-2781", "CVE-2012-2778", "CVE-2009-4638", "CVE-2013-3673", "CVE-2010-3429", "CVE-2013-3674", "CVE-2011-3950", "CVE-2009-4639", "CVE-2009-4633", "CVE-2012-2789", "CVE-2013-3675", "CVE-2009-4635", "CVE-2012-2802", "CVE-2012-2805", "CVE-2012-2797", "CVE-2011-3951", "CVE-2012-2793", "CVE-2010-4704", "CVE-2012-2779", "CVE-2012-2771", "CVE-2012-2782", "CVE-2013-3672", "CVE-2012-2800", "CVE-2011-3934", "CVE-2012-2792", "CVE-2009-4634", "CVE-2012-2772", "CVE-2012-2788", "CVE-2011-3944", "CVE-2011-3893", "CVE-2011-3941", "CVE-2012-2786", "CVE-2011-4351", "CVE-2013-3670", "CVE-2012-2777", "CVE-2009-4631", "CVE-2012-2775", "CVE-2012-2790", "CVE-2011-3973", "CVE-2012-2803", "CVE-2009-4640", "CVE-2011-3929", "CVE-2012-2795", "CVE-2011-4364", "CVE-2012-2784", "CVE-2009-4632", "CVE-2011-3895", "CVE-2012-2801", "CVE-2010-4705", "CVE-2011-4353", "CVE-2011-3945", "CVE-2011-3974", "CVE-2011-3935", "CVE-2011-3362", "CVE-2012-2783", "CVE-2012-2774", "CVE-2012-2785", "CVE-2012-2787", "CVE-2012-2796", "CVE-2012-0947", "CVE-2012-2780", "CVE-2009-4636", "CVE-2012-2794", "CVE-2012-2804", "CVE-2012-2776", "CVE-2011-4352", "CVE-2012-2791", "CVE-2013-3671", "CVE-2011-3949", "CVE-2010-3908", "CVE-2012-2799", "CVE-2012-2798", "CVE-2011-3946"], "modified": "2013-10-27T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:ffmpeg"], "id": "GENTOO_GLSA-201310-12.NASL", "href": "https://www.tenable.com/plugins/nessus/70647", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201310-12.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70647);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-4631\", \"CVE-2009-4632\", \"CVE-2009-4633\", \"CVE-2009-4634\", \"CVE-2009-4635\", \"CVE-2009-4636\", \"CVE-2009-4637\", \"CVE-2009-4638\", \"CVE-2009-4639\", \"CVE-2009-4640\", \"CVE-2010-3429\", \"CVE-2010-3908\", \"CVE-2010-4704\", \"CVE-2010-4705\", \"CVE-2011-1931\", \"CVE-2011-3362\", \"CVE-2011-3893\", \"CVE-2011-3895\", \"CVE-2011-3929\", \"CVE-2011-3934\", \"CVE-2011-3935\", \"CVE-2011-3936\", \"CVE-2011-3937\", \"CVE-2011-3940\", \"CVE-2011-3941\", \"CVE-2011-3944\", \"CVE-2011-3945\", \"CVE-2011-3946\", \"CVE-2011-3947\", \"CVE-2011-3949\", \"CVE-2011-3950\", \"CVE-2011-3951\", \"CVE-2011-3952\", \"CVE-2011-3973\", \"CVE-2011-3974\", \"CVE-2011-4351\", \"CVE-2011-4352\", \"CVE-2011-4353\", \"CVE-2011-4364\", \"CVE-2012-0947\", \"CVE-2012-2771\", \"CVE-2012-2772\", \"CVE-2012-2773\", \"CVE-2012-2774\", \"CVE-2012-2775\", \"CVE-2012-2776\", \"CVE-2012-2777\", \"CVE-2012-2778\", \"CVE-2012-2779\", \"CVE-2012-2780\", \"CVE-2012-2781\", \"CVE-2012-2782\", \"CVE-2012-2783\", \"CVE-2012-2784\", \"CVE-2012-2785\", \"CVE-2012-2786\", \"CVE-2012-2787\", \"CVE-2012-2788\", \"CVE-2012-2789\", \"CVE-2012-2790\", \"CVE-2012-2791\", \"CVE-2012-2792\", \"CVE-2012-2793\", \"CVE-2012-2794\", \"CVE-2012-2795\", \"CVE-2012-2796\", \"CVE-2012-2797\", \"CVE-2012-2798\", \"CVE-2012-2799\", \"CVE-2012-2800\", \"CVE-2012-2801\", \"CVE-2012-2802\", \"CVE-2012-2803\", \"CVE-2012-2804\", \"CVE-2012-2805\", \"CVE-2013-3670\", \"CVE-2013-3671\", \"CVE-2013-3672\", \"CVE-2013-3673\", \"CVE-2013-3674\", \"CVE-2013-3675\");\n script_bugtraq_id(36465, 46294, 47147, 47602, 49115, 49118, 50642, 50760, 50880, 51720, 53389, 55355, 60476, 60491, 60492, 60494, 60496, 60497);\n script_xref(name:\"GLSA\", value:\"201310-12\");\n\n script_name(english:\"GLSA-201310-12 : FFmpeg: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201310-12\n(FFmpeg: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in FFmpeg. Please review\n the CVE identifiers and FFmpeg changelogs referenced below for details.\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted media\n file, possibly leading to the execution of arbitrary code with the\n privileges of the user running the application or a Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n # https://git.videolan.org/?p=ffmpeg.git;a=shortlog;h=refs/heads/release/0.10\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d5d92e58\"\n );\n # https://git.videolan.org/?p=ffmpeg.git;a=shortlog;h=refs/heads/release/1.0\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?50837c86\"\n );\n # http://archives.neohapsis.com/archives/bugtraq/2011-04/0258.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fd80b73a\"\n );\n # https://secunia.com/advisories/36760/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://secuniaresearch.flexerasoftware.com//advisories/36760/\"\n );\n # https://secunia.com/advisories/46134/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://secuniaresearch.flexerasoftware.com//advisories/46134/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201310-12\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All FFmpeg users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-video/ffmpeg-1.0.7'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(94, 119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:ffmpeg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-video/ffmpeg\", unaffected:make_list(\"ge 1.0.7\"), vulnerable:make_list(\"lt 1.0.7\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"FFmpeg\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-09T01:43:19", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3936", "CVE-2011-3952", "CVE-2012-0851", "CVE-2011-3940", "CVE-2011-3947", "CVE-2012-0858", "CVE-2011-3951", "CVE-2012-0852", "CVE-2012-0853", "CVE-2011-3929", "CVE-2012-0947", "CVE-2012-0859"], "description": "Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly \nhandled certain malformed DV files. If a user were tricked into opening a \ncrafted DV file, an attacker could cause a denial of service via \napplication crash, or possibly execute arbitrary code with the privileges \nof the user invoking the program. (CVE-2011-3929, CVE-2011-3936)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly \nhandled certain malformed NSV files. If a user were tricked into opening a \ncrafted NSV file, an attacker could cause a denial of service via \napplication crash, or possibly execute arbitrary code with the privileges \nof the user invoking the program. (CVE-2011-3940)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly \nhandled certain malformed MJPEG-B files. If a user were tricked into \nopening a crafted MJPEG-B file, an attacker could cause a denial of service \nvia application crash, or possibly execute arbitrary code with the \nprivileges of the user invoking the program. (CVE-2011-3947)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly \nhandled certain malformed DPCM files. If a user were tricked into opening a \ncrafted DPCM file, an attacker could cause a denial of service via \napplication crash, or possibly execute arbitrary code with the privileges \nof the user invoking the program. (CVE-2011-3951)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly \nhandled certain malformed KMVC files. If a user were tricked into opening a \ncrafted KMVC file, an attacker could cause a denial of service via \napplication crash, or possibly execute arbitrary code with the privileges \nof the user invoking the program. (CVE-2011-3952)\n\nIt was discovered that FFmpeg incorrectly handled certain malformed H.264 \nfiles. If a user were tricked into opening a crafted H.264 file, an \nattacker could cause a denial of service via application crash, or possibly \nexecute arbitrary code with the privileges of the user invoking the \nprogram. (CVE-2012-0851)\n\nIt was discovered that FFmpeg incorrectly handled certain malformed ADPCM \nfiles. If a user were tricked into opening a crafted ADPCM file, an \nattacker could cause a denial of service via application crash, or possibly \nexecute arbitrary code with the privileges of the user invoking the \nprogram. (CVE-2012-0852)\n\nIt was discovered that FFmpeg incorrectly handled certain malformed Atrac 3 \nfiles. If a user were tricked into opening a crafted Atrac 3 file, an \nattacker could cause a denial of service via application crash, or possibly \nexecute arbitrary code with the privileges of the user invoking the \nprogram. (CVE-2012-0853)\n\nIt was discovered that FFmpeg incorrectly handled certain malformed Shorten \nfiles. If a user were tricked into opening a crafted Shorten file, an \nattacker could cause a denial of service via application crash, or possibly \nexecute arbitrary code with the privileges of the user invoking the \nprogram. (CVE-2012-0858)\n\nIt was discovered that FFmpeg incorrectly handled certain malformed Vorbis \nfiles. If a user were tricked into opening a crafted Vorbis file, an \nattacker could cause a denial of service via application crash, or possibly \nexecute arbitrary code with the privileges of the user invoking the \nprogram. (CVE-2012-0859)\n\nFabian Yamaguchi discovered that FFmpeg incorrectly handled certain \nmalformed VQA files. If a user were tricked into opening a crafted VQA \nfile, an attacker could cause a denial of service via application crash, or \npossibly execute arbitrary code with the privileges of the user invoking \nthe program. (CVE-2012-0947)", "edition": 5, "modified": "2012-06-18T00:00:00", "published": "2012-06-18T00:00:00", "id": "USN-1479-1", "href": "https://ubuntu.com/security/notices/USN-1479-1", "title": "FFmpeg vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-17T14:49:05", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3936", "CVE-2011-3952", "CVE-2012-0851", "CVE-2011-3940", "CVE-2011-3947", "CVE-2012-0858", "CVE-2011-3951", "CVE-2012-0848", "CVE-2012-0852", "CVE-2011-4031", "CVE-2012-0850", "CVE-2012-0853", "CVE-2011-3929", "CVE-2011-3945", "CVE-2012-0947", "CVE-2012-0859"], "description": "Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly \nhandled certain malformed DV files. If a user were tricked into opening a \ncrafted DV file, an attacker could cause a denial of service via \napplication crash, or possibly execute arbitrary code with the privileges \nof the user invoking the program. This issue only affected Ubuntu 11.10. \n(CVE-2011-3929, CVE-2011-3936)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly \nhandled certain malformed NSV files. If a user were tricked into opening a \ncrafted NSV file, an attacker could cause a denial of service via \napplication crash, or possibly execute arbitrary code with the privileges \nof the user invoking the program. This issue only affected Ubuntu 11.04 and \nUbuntu 11.10. (CVE-2011-3940)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly \nhandled certain malformed Kega Game Video (KGV1) files. If a user were \ntricked into opening a crafted Kega Game Video (KGV1) file, an attacker \ncould cause a denial of service via application crash, or possibly execute \narbitrary code with the privileges of the user invoking the program. This \nissue only affected Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3945)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly \nhandled certain malformed MJPEG-B files. If a user were tricked into \nopening a crafted MJPEG-B file, an attacker could cause a denial of service \nvia application crash, or possibly execute arbitrary code with the \nprivileges of the user invoking the program. This issue only affected \nUbuntu 11.04 and Ubuntu 11.10. (CVE-2011-3947)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly \nhandled certain malformed DPCM files. If a user were tricked into opening a \ncrafted DPCM file, an attacker could cause a denial of service via \napplication crash, or possibly execute arbitrary code with the privileges \nof the user invoking the program. This issue only affected Ubuntu 11.04 and \nUbuntu 11.10. (CVE-2011-3951)\n\nMateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly \nhandled certain malformed KMVC files. If a user were tricked into opening a \ncrafted KMVC file, an attacker could cause a denial of service via \napplication crash, or possibly execute arbitrary code with the privileges \nof the user invoking the program. This issue only affected Ubuntu 11.04 and \nUbuntu 11.10. (CVE-2011-3952)\n\nJeong Wook Oh discovered that Libav incorrectly handled certain malformed \nASF files. If a user were tricked into opening a crafted ASF file, an \nattacker could cause a denial of service via application crash, or possibly \nexecute arbitrary code with the privileges of the user invoking the \nprogram. This issue only affected Ubuntu 11.10. (CVE-2011-4031)\n\nIt was discovered that Libav incorrectly handled certain malformed \nWestwood SNDx files. If a user were tricked into opening a crafted Westwood \nSNDx file, an attacker could cause a denial of service via application \ncrash, or possibly execute arbitrary code with the privileges of the user \ninvoking the program. This issue only affected Ubuntu 11.10. \n(CVE-2012-0848)\n\nDiana Elena Muscalu discovered that Libav incorrectly handled certain \nmalformed AAC files. If a user were tricked into opening a crafted AAC \nfile, an attacker could cause a denial of service via application crash, or \npossibly execute arbitrary code with the privileges of the user invoking \nthe program. This issue only affected Ubuntu 11.04 and Ubuntu 11.10. \n(CVE-2012-0850)\n\nIt was discovered that Libav incorrectly handled certain malformed H.264 \nfiles. If a user were tricked into opening a crafted H.264 file, an \nattacker could cause a denial of service via application crash, or possibly \nexecute arbitrary code with the privileges of the user invoking the \nprogram. (CVE-2012-0851)\n\nIt was discovered that Libav incorrectly handled certain malformed ADPCM \nfiles. If a user were tricked into opening a crafted ADPCM file, an \nattacker could cause a denial of service via application crash, or possibly \nexecute arbitrary code with the privileges of the user invoking the \nprogram. This issue only affected Ubuntu 11.04 and Ubuntu 11.10. \n(CVE-2012-0852)\n\nIt was discovered that Libav incorrectly handled certain malformed Atrac 3 \nfiles. If a user were tricked into opening a crafted Atrac 3 file, an \nattacker could cause a denial of service via application crash, or possibly \nexecute arbitrary code with the privileges of the user invoking the \nprogram. This issue only affected Ubuntu 11.04 and Ubuntu 11.10. \n(CVE-2012-0853)\n\nIt was discovered that Libav incorrectly handled certain malformed Shorten \nfiles. If a user were tricked into opening a crafted Shorten file, an \nattacker could cause a denial of service via application crash, or possibly \nexecute arbitrary code with the privileges of the user invoking the \nprogram. This issue only affected Ubuntu 11.04 and Ubuntu 11.10. \n(CVE-2012-0858)\n\nIt was discovered that Libav incorrectly handled certain malformed Vorbis \nfiles. If a user were tricked into opening a crafted Vorbis file, an \nattacker could cause a denial of service via application crash, or possibly \nexecute arbitrary code with the privileges of the user invoking the \nprogram. This issue only affected Ubuntu 11.04 and Ubuntu 11.10. \n(CVE-2012-0859)\n\nFabian Yamaguchi discovered that Libav incorrectly handled certain \nmalformed VQA files. If a user were tricked into opening a crafted VQA \nfile, an attacker could cause a denial of service via application crash, or \npossibly execute arbitrary code with the privileges of the user invoking \nthe program. (CVE-2012-0947)", "edition": 6, "modified": "2012-06-18T00:00:00", "published": "2012-06-18T00:00:00", "id": "USN-1478-1", "href": "https://ubuntu.com/security/notices/USN-1478-1", "title": "Libav vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3937", "CVE-2011-3936", "CVE-2011-3952", "CVE-2012-0851", "CVE-2011-3940", "CVE-2011-3947", "CVE-2012-0858", "CVE-2011-3951", "CVE-2012-0848", "CVE-2012-0852", "CVE-2012-0853", "CVE-2011-3929", "CVE-2011-3945", "CVE-2012-0947"], "edition": 1, "description": "### Background\n\nLibav is a complete solution to record, convert and stream audio and video. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Libav. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted media file in an application linked against Libav, possibly resulting in execution of arbitrary code with the privileges of the application or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Libav users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-video/libav-0.8.3\"", "modified": "2012-10-20T00:00:00", "published": "2012-10-20T00:00:00", "id": "GLSA-201210-06", "href": "https://security.gentoo.org/glsa/201210-06", "type": "gentoo", "title": "Libav: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-06T19:46:42", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3937", "CVE-2011-3936", "CVE-2011-3952", "CVE-2011-3940", "CVE-2011-3947", "CVE-2011-1931", "CVE-2009-4637", "CVE-2012-2773", "CVE-2012-2781", "CVE-2012-2778", "CVE-2009-4638", "CVE-2013-3673", "CVE-2010-3429", "CVE-2013-3674", "CVE-2011-3950", "CVE-2009-4639", "CVE-2009-4633", "CVE-2012-2789", "CVE-2013-3675", "CVE-2009-4635", "CVE-2012-2802", "CVE-2012-2805", "CVE-2012-2797", "CVE-2011-3951", "CVE-2012-2793", "CVE-2010-4704", "CVE-2012-2779", "CVE-2012-2771", "CVE-2012-2782", "CVE-2013-3672", "CVE-2012-2800", "CVE-2011-3934", "CVE-2012-2792", "CVE-2009-4634", "CVE-2012-2772", "CVE-2012-2788", "CVE-2011-3944", "CVE-2011-3893", "CVE-2011-3941", "CVE-2012-2786", "CVE-2011-4351", "CVE-2013-3670", "CVE-2012-2777", "CVE-2009-4631", "CVE-2012-2775", "CVE-2012-2790", "CVE-2011-3973", "CVE-2012-2803", "CVE-2009-4640", "CVE-2011-3929", "CVE-2012-2795", "CVE-2011-4364", "CVE-2012-2784", "CVE-2009-4632", "CVE-2011-3895", "CVE-2012-2801", "CVE-2010-4705", "CVE-2011-4353", "CVE-2011-3945", "CVE-2011-3974", "CVE-2011-3935", "CVE-2011-3362", "CVE-2012-2783", "CVE-2012-2774", "CVE-2012-2785", "CVE-2012-2787", "CVE-2012-2796", "CVE-2012-0947", "CVE-2012-2780", "CVE-2009-4636", "CVE-2012-2794", "CVE-2012-2804", "CVE-2012-2776", "CVE-2011-4352", "CVE-2012-2791", "CVE-2013-3671", "CVE-2011-3949", "CVE-2010-3908", "CVE-2012-2799", "CVE-2012-2798", "CVE-2011-3946"], "edition": 1, "description": "### Background\n\nFFmpeg is a complete solution to record, convert and stream audio and video. \n\n### Description\n\nMultiple vulnerabilities have been discovered in FFmpeg. Please review the CVE identifiers and FFmpeg changelogs referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted media file, possibly leading to the execution of arbitrary code with the privileges of the user running the application or a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll FFmpeg users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-video/ffmpeg-1.0.7\"", "modified": "2013-10-25T00:00:00", "published": "2013-10-25T00:00:00", "id": "GLSA-201310-12", "href": "https://security.gentoo.org/glsa/201310-12", "type": "gentoo", "title": "FFmpeg: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:34", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3937", "CVE-2011-3936", "CVE-2011-3952", "CVE-2012-0851", "CVE-2011-3940", "CVE-2011-3947", "CVE-2012-0858", "CVE-2011-4579", "CVE-2011-3951", "CVE-2012-2793", "CVE-2012-2779", "CVE-2012-0848", "CVE-2012-2800", "CVE-2012-2772", "CVE-2012-2788", "CVE-2012-0852", "CVE-2011-3893", "CVE-2012-2786", "CVE-2011-4351", "CVE-2011-4031", "CVE-2012-0850", "CVE-2012-2777", "CVE-2012-2775", "CVE-2012-2790", "CVE-2012-0853", "CVE-2012-2803", "CVE-2011-3929", "CVE-2011-4364", "CVE-2012-2784", "CVE-2011-3895", "CVE-2012-2801", "CVE-2011-3892", "CVE-2011-4353", "CVE-2011-3945", "CVE-2012-2783", "CVE-2012-2787", "CVE-2012-0947", "CVE-2012-5144", "CVE-2012-2794", "CVE-2011-4352", "CVE-2012-2791", "CVE-2012-2798"], "description": "\n\nBundled version of libav in gstreamer-ffmpeg contains a number of\n\t vulnerabilities.\n\n", "edition": 4, "modified": "2013-08-20T00:00:00", "published": "2013-08-20T00:00:00", "id": "4D087B35-0990-11E3-A9F4-BCAEC565249C", "href": "https://vuxml.freebsd.org/freebsd/4d087b35-0990-11e3-a9f4-bcaec565249c.html", "title": "gstreamer-ffmpeg -- Multiple vulnerabilities in bundled libav", "type": "freebsd", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
