Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2011-2160

Опубликовано: 20 мая 2011
Источник: nvd
CVSS2: 9.3
EPSS Низкий

Описание

The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-2011-0723.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*
Версия до 0.5.3 (включая)
cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:pre1:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.5:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:ffmpeg:ffmpeg:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mplayerhq:mplayer:*:*:*:*:*:*:*:*

EPSS

Процентиль: 73%
0.00753
Низкий

9.3 Critical

CVSS2

Дефекты

CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2011-2160

ubuntu
больше 14 лет назад

The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-2011-0723.

debian логотип

CVE-2011-2160

debian
больше 14 лет назад

The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPl ...

github логотип

GHSA-xcpc-jvcx-3fxc

github
больше 3 лет назад

The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-2011-0723.

EPSS

Процентиль: 73%
0.00753
Низкий

9.3 Critical

CVSS2

Дефекты

CWE-20