CVE-2011-0480

2011-01-1400:00:00

ubuntu.com

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

79.6%

JSON

Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg,
as used in Google Chrome before 8.0.552.237 and Chrome OS before
8.0.552.344, allow remote attackers to cause a denial of service (memory
corruption and application crash) or possibly have unspecified other impact
via a crafted WebM file, related to buffers for (1) the channel floor and
(2) the channel residue.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchchromium-browser< 8.0.552.237~r70801-0ubuntu0.10.04.1UNKNOWN
ubuntu10.10noarchchromium-browser< 8.0.552.237~r70801-0ubuntu0.10.10.1UNKNOWN
ubuntu8.04noarchffmpeg< 3:0.cvs20070307-5ubuntu7.6UNKNOWN
ubuntu9.10noarchffmpeg< 4:0.5+svn20090706-2ubuntu2.3UNKNOWN
ubuntu10.04noarchffmpeg< 4:0.5.1-1ubuntu1.1UNKNOWN
ubuntu10.10noarchffmpeg< 4:0.6-2ubuntu6.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	10.04	noarch	chromium-browser	< 8.0.552.237~r70801-0ubuntu0.10.04.1	UNKNOWN
ubuntu	10.10	noarch	chromium-browser	< 8.0.552.237~r70801-0ubuntu0.10.10.1	UNKNOWN
ubuntu	8.04	noarch	ffmpeg	< 3:0.cvs20070307-5ubuntu7.6	UNKNOWN
ubuntu	9.10	noarch	ffmpeg	< 4:0.5+svn20090706-2ubuntu2.3	UNKNOWN
ubuntu	10.04	noarch	ffmpeg	< 4:0.5.1-1ubuntu1.1	UNKNOWN
ubuntu	10.10	noarch	ffmpeg	< 4:0.6-2ubuntu6.1	UNKNOWN