What is the severity of CVE-2011-1931?

CVE-2011-1931 has a severity rating that depends on the configuration and use of the affected software, with potential impact including denial of service.

How do I fix CVE-2011-1931?

To fix CVE-2011-1931, upgrade to FFmpeg version 0.6.3 or later, or use Libav version 0.6.3 or later.

Which software is affected by CVE-2011-1931?

CVE-2011-1931 affects versions of FFmpeg prior to 0.6.3, Libav prior to 0.6.3, and VLC media player versions prior to 1.1.9.

Can CVE-2011-1931 be exploited remotely?

Yes, CVE-2011-1931 can be exploited by remote attackers to cause denial of service.

What types of attacks could be carried out using CVE-2011-1931?

Attackers could use CVE-2011-1931 to launch denial of service attacks by exploiting memory corruption vulnerabilities in the affected software.

Vulnerability/
CVE-2011-1931

medium

6.8

CWE

119

7/7/2011

6/8/2024

CVE-2011-1931: Buffer Overflow

First published: Thu Jul 07 2011(Updated: )

sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
FFmpeg	<=0.6.2
FFmpeg	=0.3
FFmpeg	=0.3.1
FFmpeg	=0.3.2
FFmpeg	=0.3.3
FFmpeg	=0.3.4
FFmpeg	=0.4.0
FFmpeg	=0.4.2
FFmpeg	=0.4.3
FFmpeg	=0.4.4
FFmpeg	=0.4.5
FFmpeg	=0.4.6
FFmpeg	=0.4.7
FFmpeg	=0.4.8
FFmpeg	=0.4.9-pre1
FFmpeg	=0.5
FFmpeg	=0.5.1
FFmpeg	=0.5.2
FFmpeg	=0.5.3
FFmpeg	=0.5.4
FFmpeg	=0.6
FFmpeg	=0.6.1
libavcodec
Libav	<=0.6.2
Libav	=0.3
Libav	=0.3.1
Libav	=0.3.2
Libav	=0.3.3
Libav	=0.3.4
Libav	=0.4.0
Libav	=0.4.1
Libav	=0.4.2
Libav	=0.4.3
Libav	=0.4.4
Libav	=0.4.5
Libav	=0.4.6
Libav	=0.4.7
Libav	=0.4.8
Libav	=0.4.9-pre1
Libav	=0.5
Libav	=0.5.4
Libav	=0.6
Libav	=0.6.1
VideoLAN VLC media player	<=1.1.9
VideoLAN VLC media player	=0.1.99b
VideoLAN VLC media player	=0.1.99e
VideoLAN VLC media player	=0.1.99f
VideoLAN VLC media player	=0.1.99g
VideoLAN VLC media player	=0.1.99h
VideoLAN VLC media player	=0.1.99i
VideoLAN VLC media player	=0.2.0
VideoLAN VLC media player	=0.2.60
VideoLAN VLC media player	=0.2.61
VideoLAN VLC media player	=0.2.62
VideoLAN VLC media player	=0.2.63
VideoLAN VLC media player	=0.2.70
VideoLAN VLC media player	=0.2.71
VideoLAN VLC media player	=0.2.72
VideoLAN VLC media player	=0.2.73
VideoLAN VLC media player	=0.2.80
VideoLAN VLC media player	=0.2.81
VideoLAN VLC media player	=0.2.82
VideoLAN VLC media player	=0.2.83
VideoLAN VLC media player	=0.2.90
VideoLAN VLC media player	=0.2.91
VideoLAN VLC media player	=0.2.92
VideoLAN VLC media player	=0.3.0
VideoLAN VLC media player	=0.3.1
VideoLAN VLC media player	=0.4.0
VideoLAN VLC media player	=0.4.1
VideoLAN VLC media player	=0.4.2
VideoLAN VLC media player	=0.4.3
VideoLAN VLC media player	=0.4.4
VideoLAN VLC media player	=0.4.5
VideoLAN VLC media player	=0.4.6
VideoLAN VLC media player	=0.5.0
VideoLAN VLC media player	=0.5.1
VideoLAN VLC media player	=0.5.2
VideoLAN VLC media player	=0.5.3
VideoLAN VLC media player	=0.6.0
VideoLAN VLC media player	=0.6.1
VideoLAN VLC media player	=0.6.2
VideoLAN VLC media player	=0.7.0
VideoLAN VLC media player	=0.7.2
VideoLAN VLC media player	=0.8.0
VideoLAN VLC media player	=0.8.1
VideoLAN VLC media player	=0.8.2
VideoLAN VLC media player	=0.8.4
VideoLAN VLC media player	=0.8.5
VideoLAN VLC media player	=0.8.6
VideoLAN VLC media player	=0.9.2
VideoLAN VLC media player	=0.9.3
VideoLAN VLC media player	=0.9.4
VideoLAN VLC media player	=0.9.5
VideoLAN VLC media player	=0.9.6
VideoLAN VLC media player	=0.9.8a
VideoLAN VLC media player	=0.9.9
VideoLAN VLC media player	=0.9.10
VideoLAN VLC media player	=1.0.0
VideoLAN VLC media player	=1.0.1
VideoLAN VLC media player	=1.0.2
VideoLAN VLC media player	=1.0.3
VideoLAN VLC media player	=1.0.4
VideoLAN VLC media player	=1.0.5
VideoLAN VLC media player	=1.0.6
VideoLAN VLC media player	=1.1.0
VideoLAN VLC media player	=1.1.1
VideoLAN VLC media player	=1.1.2
VideoLAN VLC media player	=1.1.3
VideoLAN VLC media player	=1.1.4
VideoLAN VLC media player	=1.1.4.1
VideoLAN VLC media player	=1.1.5
VideoLAN VLC media player	=1.1.6
VideoLAN VLC media player	=1.1.7
VideoLAN VLC media player	=1.1.8

Remedy

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624339

Remedy

http://git.videolan.org/?p=ffmpeg.git;a=commit;h=89f903b3d5ec38c9c5d90fba7e626fa0eda61a32

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-1931?
CVE-2011-1931 has a severity rating that depends on the configuration and use of the affected software, with potential impact including denial of service.
How do I fix CVE-2011-1931?
To fix CVE-2011-1931, upgrade to FFmpeg version 0.6.3 or later, or use Libav version 0.6.3 or later.
Which software is affected by CVE-2011-1931?
CVE-2011-1931 affects versions of FFmpeg prior to 0.6.3, Libav prior to 0.6.3, and VLC media player versions prior to 1.1.9.
Can CVE-2011-1931 be exploited remotely?
Yes, CVE-2011-1931 can be exploited by remote attackers to cause denial of service.
What types of attacks could be carried out using CVE-2011-1931?
Attackers could use CVE-2011-1931 to launch denial of service attacks by exploiting memory corruption vulnerabilities in the affected software.

collector/nvd-historical
agent/author
agent/references
agent/type
agent/remedy
agent/weakness
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/first-publish-date
agent/trending
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-api
vendor/ffmpeg
canonical/ffmpeg
version/ffmpeg/0.6.2
version/ffmpeg/0.3
version/ffmpeg/0.3.1
version/ffmpeg/0.3.2
version/ffmpeg/0.3.3
version/ffmpeg/0.3.4
version/ffmpeg/0.4.0
version/ffmpeg/0.4.2
version/ffmpeg/0.4.3
version/ffmpeg/0.4.4
version/ffmpeg/0.4.5
version/ffmpeg/0.4.6
version/ffmpeg/0.4.7
version/ffmpeg/0.4.8
version/ffmpeg/0.4.9-pre1
version/ffmpeg/0.5
version/ffmpeg/0.5.1
version/ffmpeg/0.5.2
version/ffmpeg/0.5.3
version/ffmpeg/0.5.4
version/ffmpeg/0.6
version/ffmpeg/0.6.1
canonical/libavcodec
vendor/libav
canonical/libav
version/libav/0.6.2
version/libav/0.3
version/libav/0.3.1
version/libav/0.3.2
version/libav/0.3.3
version/libav/0.3.4
version/libav/0.4.0
version/libav/0.4.1
version/libav/0.4.2
version/libav/0.4.3
version/libav/0.4.4
version/libav/0.4.5
version/libav/0.4.6
version/libav/0.4.7
version/libav/0.4.8
version/libav/0.4.9-pre1
version/libav/0.5
version/libav/0.5.4
version/libav/0.6
version/libav/0.6.1
vendor/videolan
canonical/videolan vlc media player
version/videolan vlc media player/1.1.9
version/videolan vlc media player/0.1.99b
version/videolan vlc media player/0.1.99e
version/videolan vlc media player/0.1.99f
version/videolan vlc media player/0.1.99g
version/videolan vlc media player/0.1.99h
version/videolan vlc media player/0.1.99i
version/videolan vlc media player/0.2.0
version/videolan vlc media player/0.2.60
version/videolan vlc media player/0.2.61
version/videolan vlc media player/0.2.62
version/videolan vlc media player/0.2.63
version/videolan vlc media player/0.2.70
version/videolan vlc media player/0.2.71
version/videolan vlc media player/0.2.72
version/videolan vlc media player/0.2.73
version/videolan vlc media player/0.2.80
version/videolan vlc media player/0.2.81
version/videolan vlc media player/0.2.82
version/videolan vlc media player/0.2.83
version/videolan vlc media player/0.2.90
version/videolan vlc media player/0.2.91
version/videolan vlc media player/0.2.92
version/videolan vlc media player/0.3.0
version/videolan vlc media player/0.3.1
version/videolan vlc media player/0.4.0
version/videolan vlc media player/0.4.1
version/videolan vlc media player/0.4.2
version/videolan vlc media player/0.4.3
version/videolan vlc media player/0.4.4
version/videolan vlc media player/0.4.5
version/videolan vlc media player/0.4.6
version/videolan vlc media player/0.5.0
version/videolan vlc media player/0.5.1
version/videolan vlc media player/0.5.2
version/videolan vlc media player/0.5.3
version/videolan vlc media player/0.6.0
version/videolan vlc media player/0.6.1
version/videolan vlc media player/0.6.2
version/videolan vlc media player/0.7.0
version/videolan vlc media player/0.7.2
version/videolan vlc media player/0.8.0
version/videolan vlc media player/0.8.1
version/videolan vlc media player/0.8.2
version/videolan vlc media player/0.8.4
version/videolan vlc media player/0.8.5
version/videolan vlc media player/0.8.6
version/videolan vlc media player/0.9.2
version/videolan vlc media player/0.9.3
version/videolan vlc media player/0.9.4
version/videolan vlc media player/0.9.5
version/videolan vlc media player/0.9.6
version/videolan vlc media player/0.9.8a
version/videolan vlc media player/0.9.9
version/videolan vlc media player/0.9.10
version/videolan vlc media player/1.0.0
version/videolan vlc media player/1.0.1
version/videolan vlc media player/1.0.2
version/videolan vlc media player/1.0.3
version/videolan vlc media player/1.0.4
version/videolan vlc media player/1.0.5
version/videolan vlc media player/1.0.6
version/videolan vlc media player/1.1.0
version/videolan vlc media player/1.1.1
version/videolan vlc media player/1.1.2
version/videolan vlc media player/1.1.3
version/videolan vlc media player/1.1.4
version/videolan vlc media player/1.1.4.1
version/videolan vlc media player/1.1.5
version/videolan vlc media player/1.1.6
version/videolan vlc media player/1.1.7
version/videolan vlc media player/1.1.8

CVE-2011-1931: Buffer Overflow

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-1931?

How do I fix CVE-2011-1931?

Which software is affected by CVE-2011-1931?

Can CVE-2011-1931 be exploited remotely?

What types of attacks could be carried out using CVE-2011-1931?

Company

Resources

Contact