FFmpeg Real Media File Parsing Memory Corruption Remote Code Execution Vulnerability

Bugtraq ID: 47149
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2011-0722
Remote: Yes
Local: No
Published: Apr 04 2011 12:00AM
Updated: Sep 12 2011 12:30PM
Credit: Dan Rosenberg
Vulnerable: Ubuntu Ubuntu Linux 9.10 sparc
Ubuntu Ubuntu Linux 9.10 powerpc
Ubuntu Ubuntu Linux 9.10 lpia
Ubuntu Ubuntu Linux 9.10 i386
Ubuntu Ubuntu Linux 9.10 ARM
Ubuntu Ubuntu Linux 9.10 amd64
Ubuntu Ubuntu Linux 8.04 LTS sparc
Ubuntu Ubuntu Linux 8.04 LTS powerpc
Ubuntu Ubuntu Linux 8.04 LTS lpia
Ubuntu Ubuntu Linux 8.04 LTS i386
Ubuntu Ubuntu Linux 8.04 LTS amd64
Ubuntu Ubuntu Linux 10.10 powerpc
Ubuntu Ubuntu Linux 10.10 i386
Ubuntu Ubuntu Linux 10.10 ARM
Ubuntu Ubuntu Linux 10.10 amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
MandrakeSoft Linux Mandrake 2010.1 x86_64
MandrakeSoft Linux Mandrake 2010.1
MandrakeSoft Linux Mandrake 2010.0 x86_64
MandrakeSoft Linux Mandrake 2010.0
FFmpeg FFmpeg 0.4.9 20080909
FFmpeg FFmpeg 0.4.9 -pre1
FFmpeg FFmpeg 0.4.9 -0.pre1.5.1.20060
FFmpeg FFmpeg 0.4.9
FFmpeg FFmpeg 0.4.8
FFmpeg FFmpeg 0.4.7
FFmpeg FFmpeg 0.4.6
FFmpeg FFmpeg CVS
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
FFmpeg FFmpeg 2005-03-13
FFmpeg FFmpeg 0.5.3
FFmpeg FFmpeg 0.5.2
FFmpeg FFmpeg 0.5
FFmpeg FFmpeg 0.49_p20060530
FFmpeg FFmpeg 0
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable: FFmpeg FFmpeg 0.5.4


 

Privacy Statement
Copyright 2010, SecurityFocus