CVE-2011-3504

2011-09-2800:00:00

ubuntu.com

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.03 Low

EPSS

Percentile

91.0%

JSON

The Matroska format decoder in FFmpeg before 0.8.3 does not properly
allocate memory, which allows remote attackers to execute arbitrary code
via a crafted file.

Notes

Author	Note
mdeslaur	ffmpeg-extra in multiverse needs to have matching version libav-extra is built with tarball produced by libav package
tyhicks	The Mitre description references MSVR11-011, while the upstream commit message references MSVR11-080, which does not exist. I believe there may have been a typo in the commit message. I believe the ffmpeg commit 77d2ef13 was for the 0.8.3 release and 956c901c was the backport for the 0.7.5 release. The older ffmpeg packages in lucid and maverick look to have the same vulnerable code.

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchffmpeg< 4:0.5.1-1ubuntu1.3UNKNOWN
ubuntu10.10noarchffmpeg< 4:0.6-2ubuntu6.3UNKNOWN
ubuntu10.04noarchffmpeg-extra< 4:0.5.1-1ubuntu1.3UNKNOWN
ubuntu10.10noarchffmpeg-extra< 4:0.6-2ubuntu3.3UNKNOWN
ubuntu11.04noarchlibav< 4:0.6.4-0ubuntu0.11.04.1UNKNOWN
ubuntu11.04noarchlibav-extra< 4:0.6.4-1ubuntu1UNKNOWN
ubuntu11.10noarchlibav-extra< 4:0.7.3ubuntu0.11.10.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	10.04	noarch	ffmpeg	< 4:0.5.1-1ubuntu1.3	UNKNOWN
ubuntu	10.10	noarch	ffmpeg	< 4:0.6-2ubuntu6.3	UNKNOWN
ubuntu	10.04	noarch	ffmpeg-extra	< 4:0.5.1-1ubuntu1.3	UNKNOWN
ubuntu	10.10	noarch	ffmpeg-extra	< 4:0.6-2ubuntu3.3	UNKNOWN
ubuntu	11.04	noarch	libav	< 4:0.6.4-0ubuntu0.11.04.1	UNKNOWN
ubuntu	11.04	noarch	libav-extra	< 4:0.6.4-1ubuntu1	UNKNOWN
ubuntu	11.10	noarch	libav-extra	< 4:0.7.3ubuntu0.11.10.1	UNKNOWN