cvelistv5 - cve-2011-0480

CVE-2011-0480 (GCVE-0-2011-0480)

Vulnerability from cvelistv5

Published

2011-01-14 16:00

Modified

2024-08-06 21:51

Severity ?

CWE

Summary

Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted WebM file, related to buffers for (1) the channel floor and (2) the channel residue.

References

URL

Tags

	http://roundup.ffmpeg.org/issue2548	x_refsource_CONFIRM
	http://www.debian.org/security/2011/dsa-2306	vendor-advisory, x_refsource_DEBIAN
	http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html	x_refsource_CONFIRM
	http://article.gmane.org/gmane.comp.video.ffmpeg.devel/122703	mailing-list, x_refsource_MLIST
	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610550	x_refsource_CONFIRM
	http://codereview.chromium.org/6069005	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/45788	vdb-entry, x_refsource_BID
	http://git.ffmpeg.org/?p=ffmpeg.git%3Ba=commit%3Bh=13184036a6b1b1d4b61c91118c0896e9ad4634c3	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:061	vendor-advisory, x_refsource_MANDRIVA
	http://src.chromium.org/viewvc/chrome?view=rev&revision=70200	x_refsource_CONFIRM
	http://codereview.chromium.org/5964011	x_refsource_CONFIRM
	http://www.srware.net/forum/viewtopic.php?f=18&t=2054	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/usn-1104-1/	vendor-advisory, x_refsource_UBUNTU
	http://osvdb.org/70463	vdb-entry, x_refsource_OSVDB
	https://exchange.xforce.ibmcloud.com/vulnerabilities/64671	vdb-entry, x_refsource_XF
	http://ffmpeg.mplayerhq.hu/	x_refsource_CONFIRM
	http://code.google.com/p/chromium/issues/detail?id=68115	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14380	vdb-entry, signature, x_refsource_OVAL
	http://roundup.ffmpeg.org/issue2550	x_refsource_CONFIRM
	http://secunia.com/advisories/42951	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:51:08.928Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://roundup.ffmpeg.org/issue2548"
          },
          {
            "name": "DSA-2306",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2306"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html"
          },
          {
            "name": "[ffmpeg-devel] 20101229 [PATCH] Fix a couple of errors with bad Vorbis headers",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://article.gmane.org/gmane.comp.video.ffmpeg.devel/122703"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610550"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://codereview.chromium.org/6069005"
          },
          {
            "name": "45788",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/45788"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.ffmpeg.org/?p=ffmpeg.git%3Ba=commit%3Bh=13184036a6b1b1d4b61c91118c0896e9ad4634c3"
          },
          {
            "name": "MDVSA-2011:061",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://src.chromium.org/viewvc/chrome?view=rev\u0026revision=70200"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://codereview.chromium.org/5964011"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.srware.net/forum/viewtopic.php?f=18\u0026t=2054"
          },
          {
            "name": "USN-1104-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-1104-1/"
          },
          {
            "name": "70463",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/70463"
          },
          {
            "name": "chrome-vorbis-bo(64671)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64671"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://ffmpeg.mplayerhq.hu/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=68115"
          },
          {
            "name": "oval:org.mitre.oval:def:14380",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14380"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://roundup.ffmpeg.org/issue2550"
          },
          {
            "name": "42951",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42951"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-01-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted WebM file, related to buffers for (1) the channel floor and (2) the channel residue."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://roundup.ffmpeg.org/issue2548"
        },
        {
          "name": "DSA-2306",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2306"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html"
        },
        {
          "name": "[ffmpeg-devel] 20101229 [PATCH] Fix a couple of errors with bad Vorbis headers",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://article.gmane.org/gmane.comp.video.ffmpeg.devel/122703"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610550"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://codereview.chromium.org/6069005"
        },
        {
          "name": "45788",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/45788"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.ffmpeg.org/?p=ffmpeg.git%3Ba=commit%3Bh=13184036a6b1b1d4b61c91118c0896e9ad4634c3"
        },
        {
          "name": "MDVSA-2011:061",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://src.chromium.org/viewvc/chrome?view=rev\u0026revision=70200"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://codereview.chromium.org/5964011"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.srware.net/forum/viewtopic.php?f=18\u0026t=2054"
        },
        {
          "name": "USN-1104-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-1104-1/"
        },
        {
          "name": "70463",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/70463"
        },
        {
          "name": "chrome-vorbis-bo(64671)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64671"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://ffmpeg.mplayerhq.hu/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=68115"
        },
        {
          "name": "oval:org.mitre.oval:def:14380",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14380"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://roundup.ffmpeg.org/issue2550"
        },
        {
          "name": "42951",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42951"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-0480",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted WebM file, related to buffers for (1) the channel floor and (2) the channel residue."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://roundup.ffmpeg.org/issue2548",
              "refsource": "CONFIRM",
              "url": "http://roundup.ffmpeg.org/issue2548"
            },
            {
              "name": "DSA-2306",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2306"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html"
            },
            {
              "name": "[ffmpeg-devel] 20101229 [PATCH] Fix a couple of errors with bad Vorbis headers",
              "refsource": "MLIST",
              "url": "http://article.gmane.org/gmane.comp.video.ffmpeg.devel/122703"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610550",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610550"
            },
            {
              "name": "http://codereview.chromium.org/6069005",
              "refsource": "CONFIRM",
              "url": "http://codereview.chromium.org/6069005"
            },
            {
              "name": "45788",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/45788"
            },
            {
              "name": "http://git.ffmpeg.org/?p=ffmpeg.git;a=commit;h=13184036a6b1b1d4b61c91118c0896e9ad4634c3",
              "refsource": "CONFIRM",
              "url": "http://git.ffmpeg.org/?p=ffmpeg.git;a=commit;h=13184036a6b1b1d4b61c91118c0896e9ad4634c3"
            },
            {
              "name": "MDVSA-2011:061",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
            },
            {
              "name": "http://src.chromium.org/viewvc/chrome?view=rev\u0026revision=70200",
              "refsource": "CONFIRM",
              "url": "http://src.chromium.org/viewvc/chrome?view=rev\u0026revision=70200"
            },
            {
              "name": "http://codereview.chromium.org/5964011",
              "refsource": "CONFIRM",
              "url": "http://codereview.chromium.org/5964011"
            },
            {
              "name": "http://www.srware.net/forum/viewtopic.php?f=18\u0026t=2054",
              "refsource": "CONFIRM",
              "url": "http://www.srware.net/forum/viewtopic.php?f=18\u0026t=2054"
            },
            {
              "name": "USN-1104-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-1104-1/"
            },
            {
              "name": "70463",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/70463"
            },
            {
              "name": "chrome-vorbis-bo(64671)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64671"
            },
            {
              "name": "http://ffmpeg.mplayerhq.hu/",
              "refsource": "CONFIRM",
              "url": "http://ffmpeg.mplayerhq.hu/"
            },
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=68115",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=68115"
            },
            {
              "name": "oval:org.mitre.oval:def:14380",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14380"
            },
            {
              "name": "http://roundup.ffmpeg.org/issue2550",
              "refsource": "CONFIRM",
              "url": "http://roundup.ffmpeg.org/issue2550"
            },
            {
              "name": "42951",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42951"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-0480",
    "datePublished": "2011-01-14T16:00:00.000Z",
    "dateReserved": "2011-01-14T00:00:00.000Z",
    "dateUpdated": "2024-08-06T21:51:08.928Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2011-AVI-507

Vulnerability from certfr_avis

Plusieurs vulnérabilités ont été découverte dans FFmpeg.

Description

Plusieurs vulnérabilités sont présentes dans FFmpeg.

La première (CVE-2010-3908) permet à une personne malintentionnée d'effectuer un déni de service, voire d'exécuter du code arbitraire, lors de l'ouverture d'un fichier WMV spécialement conçu.

La deuxième (CVE-2010-4704) permet de provoquer un déni de service lors de l'ouverture d'un fichier Ogg contrefait.

La troisième (CVE-2011-0480) concerne différents dépassements de tampon dans le décodeur Vorbis, pouvant avoir lieu lors de l'ouverture d'un fichier WebM spécialement formé. Il est alors possible de rendre l'application inopérante (déni de service). Ce problème pourrait avoir d'autres conséquences non déterminées.

La dernière (CVE-2011-0722) permet à un utilisateur malintentionné de provoquer un déni de service ou une exécution de code arbitraire lors de la lecture d'un fichier RealMedia contrefait.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Debian Squeeze

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Buleltin de sécurité Debian DSA-2306-1 du 11 septembre 2011	None	vendor-advisory
Bulletin de sécurité Debian DSA 2306 du 11 septembre 2011 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eDebian Squeeze\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans FFmpeg.\n\nLa premi\u00e8re (CVE-2010-3908) permet \u00e0 une personne malintentionn\u00e9e\nd\u0027effectuer un d\u00e9ni de service, voire d\u0027ex\u00e9cuter du code arbitraire,\nlors de l\u0027ouverture d\u0027un fichier WMV sp\u00e9cialement con\u00e7u.\n\nLa deuxi\u00e8me (CVE-2010-4704) permet de provoquer un d\u00e9ni de service lors\nde l\u0027ouverture d\u0027un fichier Ogg contrefait.\n\nLa troisi\u00e8me (CVE-2011-0480) concerne diff\u00e9rents d\u00e9passements de tampon\ndans le d\u00e9codeur Vorbis, pouvant avoir lieu lors de l\u0027ouverture d\u0027un\nfichier WebM sp\u00e9cialement form\u00e9. Il est alors possible de rendre\nl\u0027application inop\u00e9rante (d\u00e9ni de service). Ce probl\u00e8me pourrait avoir\nd\u0027autres cons\u00e9quences non d\u00e9termin\u00e9es.\n\nLa derni\u00e8re (CVE-2011-0722) permet \u00e0 un utilisateur malintentionn\u00e9 de\nprovoquer un d\u00e9ni de service ou une ex\u00e9cution de code arbitraire lors de\nla lecture d\u0027un fichier RealMedia contrefait.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-4704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4704"
    },
    {
      "name": "CVE-2011-0480",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0480"
    },
    {
      "name": "CVE-2011-0722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0722"
    },
    {
      "name": "CVE-2010-3908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3908"
    }
  ],
  "initial_release_date": "2011-09-13T00:00:00",
  "last_revision_date": "2011-09-13T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA 2306 du 11 septembre 2011 :",
      "url": "http://www.debian.org/security/2011/dsa-2306"
    }
  ],
  "reference": "CERTA-2011-AVI-507",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-09-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couverte dans \u00a0\u003cspan\nclass=\"textit\"\u003eFFmpeg\u003c/span\u003e.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans FFmpeg",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Buleltin de s\u00e9curit\u00e9 Debian DSA-2306-1 du 11 septembre 2011",
      "url": null
    }
  ]
}

CERTA-2011-AVI-080

Vulnerability from certfr_avis

Plusieurs vulnérabilités dans ffmpeg permettent un déni de service à distance.

Description

Plusieurs vulnérabilités dans le décodeur Vorbis de ffmpeg peuvent être exploitées par le biais d'un fichier spécialement conçu. Ces vulnérabilités provoquent un déni de service.

Solution

Se référer aux bulletins de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Toutes versions de ffmpeg.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité ffmpeg 2550 du 15 janvier 2011	None	vendor-advisory
Bulletin de sécurité ffmpeg 2322 du 25 octobre 2010	None	vendor-advisory
Bulletin de sécurité ffmpeg 2548 du 15 janvier 2011	None	vendor-advisory
Bulletin de sécurité ffmepg 2322 du 25 octobre 2010 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eToutes versions de ffmpeg.\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s dans le d\u00e9codeur Vorbis de ffmpeg peuvent \u00eatre\nexploit\u00e9es par le biais d\u0027un fichier sp\u00e9cialement con\u00e7u. Ces\nvuln\u00e9rabilit\u00e9s provoquent un d\u00e9ni de service.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-4704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4704"
    },
    {
      "name": "CVE-2011-0480",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0480"
    },
    {
      "name": "CVE-2010-4705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4705"
    }
  ],
  "initial_release_date": "2011-02-10T00:00:00",
  "last_revision_date": "2011-02-10T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 ffmepg 2322 du 25 octobre 2010 :",
      "url": "http://roundup.ffmpeg.org/issue2322"
    }
  ],
  "reference": "CERTA-2011-AVI-080",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-02-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans ffmpeg permettent un d\u00e9ni de service \u00e0\ndistance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans ffmpeg",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 ffmpeg 2550 du 15 janvier 2011",
      "url": "http://roundup.ffmpeg.org/issue2550"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 ffmpeg 2322 du 25 octobre 2010",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 ffmpeg 2548 du 15 janvier 2011",
      "url": "http://roundup.ffmpeg.org/issue2548"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2011-0480 (GCVE-0-2011-0480)

Vulnerability from cvelistv5

CERTA-2011-AVI-507

Vulnerability from certfr_avis

Description

Solution

CERTA-2011-AVI-080

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature