2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2011-3362" ,
"sourceIdentifier" : "secalert@redhat.com" ,
"published" : "2011-10-02T20:55:01.320" ,
2024-11-22 13:11:49 +00:00
"lastModified" : "2024-11-21T01:30:20.520" ,
2023-11-07 21:03:21 +00:00
"vulnStatus" : "Modified" ,
2024-12-08 03:06:42 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Integer signedness error in the decode_residual_block function in cavsdec.c in libavcodec in FFmpeg before 0.7.3 and 0.8.x before 0.8.2, and libav through 0.7.1, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Chinese AVS video (aka CAVS) file."
} ,
{
"lang" : "es" ,
"value" : "Error de signo de entero en la funci\u00f3n decode_residual_block en cavsdec.c en libavcodec de FFmpeg antes de v0.7.3 y en v0.8.x antes de v0.8.2, y v0.7.1 a trav\u00e9s de libav, permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y bloqueo de la aplicaci\u00f3n ) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo de v\u00eddeo AVS chino (tambi\u00e9n conocido como CAVS)."
}
] ,
"metrics" : {
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P" ,
2024-11-22 13:11:49 +00:00
"baseScore" : 6.8 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "MEDIUM" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "PARTIAL" ,
"integrityImpact" : "PARTIAL" ,
2024-11-22 13:11:49 +00:00
"availabilityImpact" : "PARTIAL"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 8.6 ,
"impactScore" : 6.4 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : true
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-189"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "0.7.2" ,
"matchCriteriaId" : "BCCBE19F-8FC3-4F56-9BB4-8A8985E23F73"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B2649A80-4739-4BBB-AB0B-99AD435BE7CF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D4A2E77D-B826-4B49-ADC8-7F704E149A5A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "18157837-4550-45E3-A12E-AE06E047E253"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E9F42611-C3E2-416B-9AE7-A5AE83E4DEF7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3A20789F-26E3-4871-B24E-25E922BADDF0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "67C6C243-3ACC-49C3-80CA-D7CA8FEFF0D8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6AE6D368-0BA6-4499-B7E1-EE16C03012E9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "26C0F6EF-0452-4AFE-AF3E-B88F963A0938"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5B4DD372-4D3B-445C-8C38-E083A3C0D4A7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "733C03D7-2780-4D69-A98D-BCFB91D1119A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0AEE1977-E9E0-4BFF-B33B-B083E49E51F1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E6979C17-0BC6-47D1-9B73-254D84306A96"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "204C7C05-3441-4DB0-8702-D99C8FCB381E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:pre1:*:*:*:*:*:*" ,
"matchCriteriaId" : "2E1A7011-B992-4E35-B306-45772DACB23C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8D486C17-FC4A-4AEE-A430-1B1FBCC2C27C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.5.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "632BC7C2-FE59-47B0-885C-0EB8C74DF041"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.5.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5D1AE0BF-A6FD-4EBA-BF61-07AC81EA560D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.5.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5B8FA106-FE65-4BB0-92A7-E8A5AF978A9B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.5.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "514669DA-8D02-44CE-BE18-8783F69AE394"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "37FBB817-A186-4517-9DA7-B3638576AAE7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.6.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "157ABA40-6101-4E9C-A24C-84F8E23D374D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.6.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C7EA46DD-2CC4-426F-8709-821B7572C94A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.7.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "07669E0E-8C4B-430E-802F-F64EEA2B5A0B"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.8.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "87090477-1D36-48B3-88AE-5CD5EE8F89D7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ffmpeg:ffmpeg:0.8.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2096FF8B-9B57-4C59-84DB-9CC0DEAB47AC"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "0.7.1" ,
"matchCriteriaId" : "AAF0C60B-501B-4BF6-B3F2-268625EB4DA3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FB86B78D-837D-481F-A6E8-F48501E08D94"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.3.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5056E88C-1F9D-4138-A291-D28CB6766D49"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.3.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "76D7B815-46FE-4EB6-A922-5B174B74F4D2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.3.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5ECC4210-D6A3-4ECC-A042-2107FD655A40"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.3.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "71EE1D87-553D-4EA6-BFA7-58CBA7819A01"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.4.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9CDE9C28-FCF7-4CF8-A657-780F18769980"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.4.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E1607C08-0CAD-4148-9F0E-74E53D364156"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.4.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B957D8F4-F012-4FF5-87B5-3D31936004DF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.4.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4B9344E3-FBB0-4777-889A-D40438C3C560"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.4.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4D53D47A-8946-4EB3-8A2B-4A87E0AADD11"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.4.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4F28C3ED-FE8A-4404-9CD7-9119373C6EC5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.4.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B473F20B-FE7F-4AB4-86AB-BE50E68A1E55"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.4.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C5E0C3E3-7935-4569-B086-9C1CA048EE68"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.4.8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "78EBAC6A-AAD3-4F7F-8500-C98EB2BD4468"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.4.9:pre1:*:*:*:*:*:*" ,
"matchCriteriaId" : "38A1F1CF-56FD-46C4-AABA-AA72648D7863"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F27FF9C0-652E-42E8-90D0-B9B369DD6C8D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.5.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CECEC54E-7014-447C-9174-8C2B026FF0B0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "ABD1BB7A-D6FF-4B80-9DA6-36D081FB41CE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.6.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "530C27CC-3250-4C94-8D88-F423FFD0BD4B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.6.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "936C1855-67FB-49C3-A20A-3FE331403366"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.7:beta1:*:*:*:*:*:*" ,
"matchCriteriaId" : "B8B20C36-FD4A-4DEB-B060-90C25440606F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:libav:libav:0.7:beta2:*:*:*:*:*:*" ,
"matchCriteriaId" : "3FB24BD2-D741-4790-89C5-133BF8AEB191"
}
]
}
]
}
] ,
"references" : [
{
2023-11-07 21:03:21 +00:00
"url" : "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=91d5da9321c52e8197fb14046ebb335f3e6ff4a0" ,
"source" : "secalert@redhat.com"
2023-04-24 12:24:31 +02:00
} ,
{
2023-11-07 21:03:21 +00:00
"url" : "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=c5cbda50793e311aa73489d12184ffd6761c9fbf" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "http://secunia.com/advisories/45532" ,
2023-04-24 12:24:31 +02:00
"source" : "secalert@redhat.com" ,
"tags" : [
2023-11-07 21:03:21 +00:00
"Vendor Advisory"
2023-04-24 12:24:31 +02:00
]
} ,
{
"url" : "http://www.ffmpeg.org/releases/ffmpeg-0.7.5.changelog" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "http://www.ffmpeg.org/releases/ffmpeg-0.8.4.changelog" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "http://www.ocert.org/advisories/ocert-2011-002.html" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "http://www.openwall.com/lists/oss-security/2011/09/13/4" ,
"source" : "secalert@redhat.com" ,
"tags" : [
"Patch"
]
} ,
{
"url" : "http://www.openwall.com/lists/oss-security/2011/09/14/8" ,
"source" : "secalert@redhat.com" ,
"tags" : [
"Patch"
]
2024-11-22 13:11:49 +00:00
} ,
{
"url" : "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=91d5da9321c52e8197fb14046ebb335f3e6ff4a0" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=c5cbda50793e311aa73489d12184ffd6761c9fbf" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://secunia.com/advisories/45532" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://www.ffmpeg.org/releases/ffmpeg-0.7.5.changelog" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.ffmpeg.org/releases/ffmpeg-0.8.4.changelog" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.ocert.org/advisories/ocert-2011-002.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.openwall.com/lists/oss-security/2011/09/13/4" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch"
]
} ,
{
"url" : "http://www.openwall.com/lists/oss-security/2011/09/14/8" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch"
]
2023-04-24 12:24:31 +02:00
}
]
}
