FFmpeg vulnerabilities

2011-09-1900:00:00

ubuntu.com

10 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.025 Low

EPSS

Percentile

90.1%

JSON

Releases

Ubuntu 10.10
Ubuntu 10.04

Packages

ffmpeg - multimedia player, server and encoder

Details

It was discovered that FFmpeg incorrectly handled certain malformed ogg
files. If a user were tricked into opening a crafted ogg file, an attacker
could cause a denial of service via application crash, or possibly execute
arbitrary code with the privileges of the user invoking the program. This
issue only affected Ubuntu 10.10. (CVE-2011-1196)

It was discovered that FFmpeg incorrectly handled certain malformed AMV
files. If a user were tricked into opening a crafted AMV file, an attacker
could cause a denial of service via application crash, or possibly execute
arbitrary code with the privileges of the user invoking the program. This
issue only affected Ubuntu 10.10. (CVE-2011-1931)

It was discovered that FFmpeg incorrectly handled certain malformed APE
files. If a user were tricked into opening a crafted APE file, an attacker
could cause a denial of service via application crash. (CVE-2011-2161)

Emmanouel Kellinis discovered that FFmpeg incorrectly handled certain
malformed CAVS files. If a user were tricked into opening a crafted CAVS
file, an attacker could cause a denial of service via application crash, or
possibly execute arbitrary code with the privileges of the user invoking
the program. (CVE-2011-3362)

OSVersionArchitecturePackageVersionFilename
Ubuntu10.10noarchlibavformat52< 4:0.6-2ubuntu6.2UNKNOWN
Ubuntu10.10noarchffmpeg< 4:0.6-2ubuntu6.2UNKNOWN
Ubuntu10.10noarchffmpeg-dbg< 4:0.6-2ubuntu6.2UNKNOWN
Ubuntu10.10noarchlibavcodec-dev< 4:0.6-2ubuntu6.2UNKNOWN
Ubuntu10.10noarchlibavcodec52< 4:0.6-2ubuntu6.2UNKNOWN
Ubuntu10.10noarchlibavdevice-dev< 4:0.6-2ubuntu6.2UNKNOWN
Ubuntu10.10noarchlibavdevice52< 4:0.6-2ubuntu6.2UNKNOWN
Ubuntu10.10noarchlibavfilter-dev< 4:0.6-2ubuntu6.2UNKNOWN
Ubuntu10.10noarchlibavfilter1< 4:0.6-2ubuntu6.2UNKNOWN
Ubuntu10.10noarchlibavformat-dev< 4:0.6-2ubuntu6.2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	10.10	noarch	libavformat52	< 4:0.6-2ubuntu6.2	UNKNOWN
Ubuntu	10.10	noarch	ffmpeg	< 4:0.6-2ubuntu6.2	UNKNOWN
Ubuntu	10.10	noarch	ffmpeg-dbg	< 4:0.6-2ubuntu6.2	UNKNOWN
Ubuntu	10.10	noarch	libavcodec-dev	< 4:0.6-2ubuntu6.2	UNKNOWN
Ubuntu	10.10	noarch	libavcodec52	< 4:0.6-2ubuntu6.2	UNKNOWN
Ubuntu	10.10	noarch	libavdevice-dev	< 4:0.6-2ubuntu6.2	UNKNOWN
Ubuntu	10.10	noarch	libavdevice52	< 4:0.6-2ubuntu6.2	UNKNOWN
Ubuntu	10.10	noarch	libavfilter-dev	< 4:0.6-2ubuntu6.2	UNKNOWN
Ubuntu	10.10	noarch	libavfilter1	< 4:0.6-2ubuntu6.2	UNKNOWN
Ubuntu	10.10	noarch	libavformat-dev	< 4:0.6-2ubuntu6.2	UNKNOWN