CVE-2011-3892

Related Files

Mandriva Linux Security Advisory 2012-076

Posted May 15, 2012

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-076 - Multiple vulnerabilities has been found and corrected in ffmpeg. The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. Various other issues have also been addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability

systems | linux, mandriva

advisories | CVE-2011-3362, CVE-2011-3504, CVE-2011-3892, CVE-2011-3893, CVE-2011-3895, CVE-2011-3929, CVE-2011-3936, CVE-2011-3937, CVE-2011-3940, CVE-2011-3945, CVE-2011-3947, CVE-2011-3973, CVE-2011-3974, CVE-2011-4351, CVE-2011-4352, CVE-2011-4353, CVE-2011-4364, CVE-2011-4579, CVE-2012-0853, CVE-2012-0858

SHA-256 | cbe20e763ddb60533e4aa2c0372e6d26d0fcf0e0faa767ddc8c8e5d69b7d5216

Download | Favorite | View

Mandriva Linux Security Advisory 2012-075

Posted May 15, 2012

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-075 - Multiple vulnerabilities has been found and corrected in ffmpeg. The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability

systems | linux, mandriva

advisories | CVE-2011-3362, CVE-2011-3504, CVE-2011-3973, CVE-2011-3974, CVE-2011-3892, CVE-2011-3893, CVE-2011-3895, CVE-2011-4351, CVE-2011-4352, CVE-2011-4353, CVE-2011-4364, CVE-2011-4579

SHA-256 | a0a8eba7465a48df476d1df9722497c093dac6a589b1c042b115c0aad4fae55b

Download | Favorite | View

Debian Security Advisory 2471-1

Posted May 14, 2012

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2471-1 - Several vulnerabilities have been discovered in FFmpeg, a multimedia player, server and encoder. Multiple input validations in the decoders/ demuxers for Westwood Studios VQA, Apple MJPEG-B, Theora, Matroska, Vorbis, Sony ATRAC3, DV, NSV, files could lead to the execution of arbitrary code.

tags | advisory, arbitrary, vulnerability

systems | linux, debian, apple

advisories | CVE-2011-3892, CVE-2011-3893, CVE-2011-3895, CVE-2011-3929, CVE-2011-3936, CVE-2011-3940, CVE-2011-3947, CVE-2012-0853, CVE-2012-0947

SHA-256 | a752e73c0cc9d4582a8cb0c918c857c8195a4a7f08461bb000946a973352da1f

Download | Favorite | View

Gentoo Linux Security Advisory 201111-05

Posted Nov 19, 2011

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201111-5 - Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 15.0.874.121 are affected.

tags | advisory, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2011-3892, CVE-2011-3893, CVE-2011-3894, CVE-2011-3895, CVE-2011-3896, CVE-2011-3897, CVE-2011-3898, CVE-2011-3900

SHA-256 | 57161b028a2eece67bf043d80846714b774a664d3a1dcec564d070df6893e1e4

Download | Favorite | View