Vulnerability Details : CVE-2011-1931
sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file.
Vulnerability category: OverflowMemory CorruptionExecute codeDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2011-1931
Probability of exploitation activity in the next 30 days: 1.99%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 89 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2011-1931
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
CWE ids for CVE-2011-1931
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1931
-
http://securityreason.com/securityalert/8299
NGS00068 Patch Notification: LibAVCodec AMV Out of Array Write - CXSecurity.com
-
http://git.videolan.org/?p=ffmpeg.git;a=commit;h=89f903b3d5ec38c9c5d90fba7e626fa0eda61a32
git.videolan.org Git - ffmpeg.git/commitPatch
-
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624339
#624339 - Memory corruption in AMV decoder - Debian Bug report logsPatch
-
http://www.securityfocus.com/archive/1/517706
SecurityFocus
-
http://www.securityfocus.com/bid/47602
FFmpeg libavcodec 'sp5xdec.c' '.amv' File Memory Corruption Vulnerability
Products affected by CVE-2011-1931
- cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.5:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:pre1:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.5.2:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.5.1:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.6:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.5.3:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.5.4:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:ffmpeg:ffmpeg:0.6.1:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.7.2:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.8.2:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.8.4:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.7.0:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.8.5:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.8.6:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.8.0:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.8.1:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.9.2:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.9.3:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.9.4:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.9.5:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.6.0:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.5.3:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.6.2:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.5.0:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.9.6:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.9.8a:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.9.9:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.9.10:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:1.0.3:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:1.0.1:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:1.0.0:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.6.1:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.5.2:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:1.0.4:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:1.0.2:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.5.1:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:1.0.5:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:1.0.6:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:1.1.2:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:1.1.0:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:1.1.1:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.3.0:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.2.91:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.2.92:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.2.70:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.4.6:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.1.99g:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.1.99f:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.2.83:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.2.90:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.2.63:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.4.5:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.4.4:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.1.99i:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.1.99h:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.1.99e:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.1.99b:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.3.1:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.2.73:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.2.80:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.2.71:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.2.62:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.2.61:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.4.0:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.4.1:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.2.81:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.2.82:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.2.72:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.4.3:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.4.2:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.2.0:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:0.2.60:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:1.1.3:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:1.1.5:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:1.1.6:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:1.1.4:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:1.1.7:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:1.1.8:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:videolan:vlc_media_player:1.1.4.1:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:libav:libav:*:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:libav:libav:0.4.7:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:libav:libav:0.4.6:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:libav:libav:0.3.3:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:libav:libav:0.3.2:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:libav:libav:0.4.9:pre1:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:libav:libav:0.4.8:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:libav:libav:0.4.0:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:libav:libav:0.3.4:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:libav:libav:0.5.4:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:libav:libav:0.6.1:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:libav:libav:0.4.5:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:libav:libav:0.4.4:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:libav:libav:0.3.1:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:libav:libav:0.3:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:libav:libav:0.6:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:libav:libav:0.5:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:libav:libav:0.4.3:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:libav:libav:0.4.2:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec
- cpe:2.3:a:libav:libav:0.4.1:*:*:*:*:*:*:*When used together with: Ffmpeg » Libavcodec