CVE-2011-3951: Buffer Overflow
First published: Mon Aug 20 2012(Updated: )
The dpcm_decode_frame function in dpcm.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted stereo stream in a media file.
Credit: cve-coordination@google.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| FFmpeg | =0.7.7 | |
| FFmpeg | =0.7.1 | |
| FFmpeg | =0.8.6 | |
| FFmpeg | =0.8.5 | |
| FFmpeg | =0.9 | |
| FFmpeg | =0.8.10 | |
| FFmpeg | <=0.9.1 | |
| FFmpeg | =0.7.8 | |
| FFmpeg | =0.8.7 | |
| FFmpeg | =0.7.9 | |
| FFmpeg | =0.7.12 | |
| FFmpeg | =0.8.11 | |
| FFmpeg | =0.8.8 | |
| FFmpeg | =0.7.11 | |
| FFmpeg | =0.7.2 | |
| libavutil | =0.6.5 | |
| libavutil | =0.5.6 | |
| libavutil | =0.7 | |
| libavutil | =0.5.7 | |
| libavutil | =0.8 | |
| libavutil | =0.8-beta2 | |
| libavutil | =0.5.3 | |
| libavutil | =0.6.2 | |
| libavutil | =0.5 | |
| libavutil | =0.7.4 | |
| libavutil | =0.7.1 | |
| libavutil | =0.5.2 | |
| libavutil | =0.5.5 | |
| libavutil | =0.6.4 | |
| libavutil | =0.6.3 | |
| libavutil | =0.7.2 | |
| libavutil | =0.5.4 | |
| libavutil | =0.7.5 | |
| libavutil | =0.7.3 | |
| libavutil | =0.6.1 | |
| libavutil | =0.6 | |
| libavutil | =0.5.1 | |
| libavutil | =0.7.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2011-3951?
CVE-2011-3951 has a severity rating that typically indicates a denial of service vulnerability and possible remote code execution.
How do I fix CVE-2011-3951?
To fix CVE-2011-3951, update FFmpeg to version 0.10 or later or Libav to a fixed version such as 0.5.9 for the affected releases.
Which versions of FFmpeg are affected by CVE-2011-3951?
FFmpeg versions prior to 0.10, including 0.7.x, 0.8.x, and 0.9, are affected by CVE-2011-3951.
Which versions of Libav are vulnerable to CVE-2011-3951?
Libav versions prior to 0.5.9, 0.6.6, 0.7.6, and 0.8.1 are vulnerable to CVE-2011-3951.
What types of attacks can CVE-2011-3951 be exploited for?
CVE-2011-3951 can be exploited by remote attackers to crash the application and potentially execute arbitrary code.
- agent/type
- agent/author
- agent/severity
- agent/weakness
- agent/description
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/ffmpeg
- canonical/ffmpeg
- version/ffmpeg/0.7.7
- version/ffmpeg/0.7.1
- version/ffmpeg/0.8.6
- version/ffmpeg/0.8.5
- version/ffmpeg/0.9
- version/ffmpeg/0.8.10
- version/ffmpeg/0.9.1
- version/ffmpeg/0.7.8
- version/ffmpeg/0.8.7
- version/ffmpeg/0.7.9
- version/ffmpeg/0.7.12
- version/ffmpeg/0.8.11
- version/ffmpeg/0.8.8
- version/ffmpeg/0.7.11
- version/ffmpeg/0.7.2
- vendor/libav
- canonical/libavutil
- version/libavutil/0.6.5
- version/libavutil/0.5.6
- version/libavutil/0.7
- version/libavutil/0.5.7
- version/libavutil/0.8
- version/libavutil/0.8-beta2
- version/libavutil/0.5.3
- version/libavutil/0.6.2
- version/libavutil/0.5
- version/libavutil/0.7.4
- version/libavutil/0.7.1
- version/libavutil/0.5.2
- version/libavutil/0.5.5
- version/libavutil/0.6.4
- version/libavutil/0.6.3
- version/libavutil/0.7.2
- version/libavutil/0.5.4
- version/libavutil/0.7.5
- version/libavutil/0.7.3
- version/libavutil/0.6.1
- version/libavutil/0.6
- version/libavutil/0.5.1