CVE-2011-4351

Priority
Medium
Description
Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before
0.7.8, and 0.8.x before 0.8.8 allows remote attackers to execute arbitrary
code via unspecified vectors.
References
Notes
mdeslaur> ffmpeg-extra in multiverse needs to have matching version
mdeslaur> libav-extra is built with tarball produced by libav package
mdeslaur> This fixes NGS00144
mdeslaur> As of 2011-12-22, libav is missing the last two commits, but
mdeslaur> upstream says they aren't necessary.
Assigned-to
mdeslaur
Package
Source: libav (LP Ubuntu Debian)
Upstream:released (0.7.3)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (4:0.7.3-2ubuntu1)
Patches:
Upstream:http://git.libav.org/?p=libav.git;a=commit;h=5a19acb17ceb71657b0eec51dac651953520e5c8
Upstream:http://git.libav.org/?p=libav.git;a=commit;h=291d74a46d32183653db07818c7b3407fd50a288
Upstream:http://git.libav.org/?p=libav.git;a=commit;h=7d49f79f1cd47783a963a757a6563b9cac29db62
Package
Upstream:needs-triage
Ubuntu 10.04 LTS (Lucid Lynx):released (4:0.5.1-1ubuntu1.3)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Package
Upstream:needs-triage
Ubuntu 10.04 LTS (Lucid Lynx):released (4:0.5.1-1ubuntu1.3)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Patches:
Upstream:http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=491eaf35ae1f9b619441314bec33766e31580184
Upstream:http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=291d74a46d32183653db07818c7b3407fd50a288
Upstream:http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=7d49f79f1cd47783a963a757a6563b9cac29db62
Upstream:http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=14db3af4f26dad8e6ddf2147e96ccc710952ad4d
Upstream:http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=895d258e9ba065d035dd30dbc622423031f0185c
Package
Upstream:needs-triage
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (4:0.7.3ubuntu1)
More Information

Valid XHTML 1.0 Strict

Updated: 2013-12-11 18:14:48 UTC (commit 7535)