PublicDateAtUSN: 2011-02-16
Candidate: CVE-2011-0722
PublicDate: 2011-05-20 22:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0722
 https://ubuntu.com/security/notices/USN-1104-1
Description:
 FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote
 attackers to cause a denial of service (heap memory corruption and
 application crash) or possibly execute arbitrary code via a malformed
 RealMedia file.
Ubuntu-Description: 
Notes: 
Bugs: 
 https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/690169
Priority: medium
Discovered-by: Dan Rosenberg
Assigned-to: 
CVSS: 

Patches_ffmpeg:
 upstream: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=44511b17cbbb524602c91a198e7314fa57a7062a (0.5.x)
 upstream: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=808f9ce727fb05058a43de8d64539eddf5fa74d6 (0.5.x)
 upstream: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=ec10d2d53999f6edf7d7b5ac88df263eccfb1fb0 (trunk, 0.6.x)
 upstream: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=d90aeeaf569e4a08c30b3d1d09c3cff3a86eb431 (trunk, 0.6.x)
upstream_ffmpeg: needs-triage
dapper_ffmpeg: ignored (reached end-of-life)
hardy_ffmpeg: not-affected (code not present)
karmic_ffmpeg: released (4:0.5+svn20090706-2ubuntu2.3)
lucid_ffmpeg: released (4:0.5.1-1ubuntu1.1)
maverick_ffmpeg: not-affected (4:0.6-2ubuntu6)
devel_ffmpeg: DNE