PublicDateAtUSN: 2011-09-28
Candidate: CVE-2011-3504
PublicDate: 2011-09-29 00:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3504
 https://ubuntu.com/security/notices/USN-1320-1
 https://ubuntu.com/security/notices/USN-1333-1
Description:
 The Matroska format decoder in FFmpeg before 0.8.3 does not properly
 allocate memory, which allows remote attackers to execute arbitrary code
 via a crafted file.
Ubuntu-Description:
Notes:
 mdeslaur> ffmpeg-extra in multiverse needs to have matching version
 mdeslaur> libav-extra is built with tarball produced by libav package
 tyhicks> The Mitre description references MSVR11-011, while the upstream
 tyhicks> commit message references MSVR11-080, which does not exist. I believe
 tyhicks> there may have been a typo in the commit message.
 tyhicks> I believe the ffmpeg commit 77d2ef13 was for the 0.8.3 release and
 tyhicks> 956c901c was the backport for the 0.7.5 release.
 tyhicks> The older ffmpeg packages in lucid and maverick look to have the same
 tyhicks> vulnerable code.
Bugs:
Priority: medium
Discovered-by: Steve Manzuik
Assigned-to: mdeslaur
CVSS:

Patches_ffmpeg:
 upstream: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=77d2ef13a8fa630e5081f14bde3fd20f84c90aec
 vendor: http://lists.debian.org/debian-security-announce/2011/msg00216.html
upstream_ffmpeg: needed
hardy_ffmpeg: ignored (reached end-of-life)
lucid_ffmpeg: released (4:0.5.1-1ubuntu1.3)
maverick_ffmpeg: released (4:0.6-2ubuntu6.3)
natty_ffmpeg: DNE
oneiric_ffmpeg: DNE
devel_ffmpeg: DNE

Patches_ffmpeg-extra:
upstream_ffmpeg-extra: needed
hardy_ffmpeg-extra: DNE
lucid_ffmpeg-extra: released (4:0.5.1-1ubuntu1.3)
maverick_ffmpeg-extra: released (4:0.6-2ubuntu3.3)
natty_ffmpeg-extra: DNE
oneiric_ffmpeg-extra: DNE
devel_ffmpeg-extra: DNE

Patches_libav:
 upstream: http://git.libav.org/?p=libav.git;a=commit;h=77d2ef13a8fa630e5081f14bde3fd20f84c90aec
upstream_libav: needed
hardy_libav: DNE
lucid_libav: DNE
maverick_libav: DNE
natty_libav: released (4:0.6.4-0ubuntu0.11.04.1)
oneiric_libav: not-affected (4:0.7.2-1ubuntu1)
devel_libav: not-affected

Patches_libav-extra:
upstream_libav-extra: needed
hardy_libav-extra: DNE
lucid_libav-extra: DNE
maverick_libav-extra: DNE
natty_libav-extra: released (4:0.6.4-1ubuntu1)
oneiric_libav-extra: released (4:0.7.3ubuntu0.11.10.1)
devel_libav-extra: not-affected (4:0.7.3ubuntu1)