FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2011-3945

This CVE name corresponds to:

Entered Topic
2013-08-20 gstreamer-ffmpeg -- Multiple vulnerabilities in bundled libav

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2011-3945 at cve.mitre.org

Details

Type Candidate
Name CVE-2011-3945
Phase Assigned(20111001)

Description

The decode_frame function in the KVG1 decoder (kgv1dec.c) in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted media file.

References

Source Reference
CONFIRM http://ffmpeg.org/
CONFIRM http://git.libav.org/?p=libav.git;a=commit;h=a02e8df973f5478ec82f4c507f5b5b191a5ecb6b
CONFIRM http://git.videolan.org/?p=ffmpeg.git;a=commit;h=807a045ab7f51993a2c1b3116016cbbd4f3d20d6
CONFIRM http://libav.org/
MANDRIVA MDVSA-2012:076

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.