← Back

CVE-2011-3362

nvd nist
Published: Oct 2, 2011Modified: Apr 29, 2026

JSON object

Loading...
6.8
Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploitability: 8.6 / Impact: 6.4
Source: NVD

Description

Integer signedness error in the decode_residual_block function in cavsdec.c in libavcodec in FFmpeg before 0.7.3 and 0.8.x before 0.8.2, and libav through 0.7.1, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Chinese AVS video (aka CAVS) file.

Affected (49)

Products: Ffmpeg: Ffmpeg · Libav: Libav
Ffmpeg
1 product
Ffmpeg
Libav
1 product
Libav
Configuration A
24 vulnerable
Vulnerable SoftwareAffected Versions
Ffmpeg
Ffmpeg
Up to 0.7.2
Ffmpeg
Version 0.3.1
Ffmpeg
Version 0.3.2
Ffmpeg
Version 0.3.3
Ffmpeg
Version 0.3.4
Ffmpeg
Version 0.3
Ffmpeg
Version 0.4.0
Ffmpeg
Version 0.4.2
Ffmpeg
Version 0.4.3
Ffmpeg
Version 0.4.4
Ffmpeg
Version 0.4.5
Ffmpeg
Version 0.4.6
Ffmpeg
Version 0.4.7
Ffmpeg
Version 0.4.8
Ffmpeg
Version 0.4.9 pre1
Ffmpeg
Version 0.5.1
Ffmpeg
Version 0.5.2
Ffmpeg
Version 0.5.3
Ffmpeg
Version 0.5.4
Ffmpeg
Version 0.5
Ffmpeg
Version 0.6.1
Ffmpeg
Version 0.6.2
Ffmpeg
Version 0.6
Ffmpeg
Version 0.7.1
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Ffmpeg
Ffmpeg
Version 0.8.0
Ffmpeg
Version 0.8.1
Configuration C
23 vulnerable
Vulnerable SoftwareAffected Versions
Libav
Libav
Up to 0.7.1
Libav
Version 0.3.1
Libav
Version 0.3.2
Libav
Version 0.3.3
Libav
Version 0.3.4
Libav
Version 0.3
Libav
Version 0.4.0
Libav
Version 0.4.1
Libav
Version 0.4.2
Libav
Version 0.4.3
Libav
Version 0.4.4
Libav
Version 0.4.5
Libav
Version 0.4.6
Libav
Version 0.4.7
Libav
Version 0.4.8
Libav
Version 0.4.9 pre1
Libav
Version 0.5.4
Libav
Version 0.5
Libav
Version 0.6.1
Libav
Version 0.6.2
Libav
Version 0.6
Libav
Version 0.7 beta1
Libav
Version 0.7 beta2

Related CWEs

CWE-189
CWE-189

References (16)

Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Patch
Source: secalert@redhat.com
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch

Timeline

No history available yet.