Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2011-3952

Опубликовано: 20 авг. 2012
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8

Описание

The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large palette size in a KMVC encoded file.

РелизСтатусПримечание
devel

DNE

hardy

ignored

end of life
lucid

released

4:0.5.9-0ubuntu0.10.04.1
natty

DNE

oneiric

DNE

precise

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

DNE

lucid

released

natty

DNE

oneiric

DNE

precise

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

not-affected

4:0.8.1-0ubuntu2
hardy

DNE

lucid

DNE

natty

released

4:0.6.6-0ubuntu0.11.04.1
oneiric

released

4:0.7.6-0ubuntu0.11.10.1
precise

not-affected

4:0.8.1-0ubuntu1
upstream

released

0.8.1,0.6.6

Показывать по

РелизСтатусПримечание
devel

not-affected

4:0.8.1ubuntu1
hardy

DNE

lucid

DNE

natty

released

oneiric

released

precise

not-affected

4:0.8.1ubuntu1
upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 76%
0.00957
Низкий

6.8 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2011-3952

nvd
больше 13 лет назад

The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large palette size in a KMVC encoded file.

debian логотип

CVE-2011-3952

debian
больше 13 лет назад

The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 ...

github логотип

GHSA-q8mw-vrp6-fqq8

github
больше 3 лет назад

The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large palette size in a KMVC encoded file.

EPSS

Процентиль: 76%
0.00957
Низкий

6.8 Medium

CVSS2