Executive Summary
Summary | |
---|---|
Title | ffmpeg security update |
Informations | |||
---|---|---|---|
Name | DSA-2306 | First vendor Publication | 2011-09-11 |
Vendor | Debian | Last vendor Modification | 2011-09-11 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several vulnerabilities have been discovered in ffmpeg, a multimedia player, server and encoder. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-3908 FFmpeg before 0.5.4, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file. CVE-2010-4704 libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg allows remote attackers to cause a denial of service (application crash) via a crafted .ogg file, related to the vorbis_floor0_decode function. CVE-2011-0480 Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted WebM file, related to buffers for the channel floor and the channel residue. CVE-2011-0722 FFmpeg allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a malformed RealMedia file. For the stable distribution (squeeze), this problem has been fixed in version 4:0.5.4-1. Security support for ffmpeg has been discontinued for the oldstable distribution (lenny). The current version in oldstable is not supported by upstream anymore and is affected by several security issues. Backporting fixes for these and any future issues has become unfeasible and therefore we need to drop our security support for the version in oldstable. We recommend that you upgrade your ffmpeg packages. |
Original Source
Url : http://www.debian.org/security/2011/dsa-2306 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
40 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
20 % | CWE-399 | Resource Management Errors |
20 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
20 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:14380 | |||
Oval ID: | oval:org.mitre.oval:def:14380 | ||
Title: | Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted WebM file, related to buffers for (1) the channel floor and (2) the channel residue. | ||
Description: | Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted WebM file, related to buffers for (1) the channel floor and (2) the channel residue. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0480 | Version: | 15 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Google Chrome |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15128 | |||
Oval ID: | oval:org.mitre.oval:def:15128 | ||
Title: | DSA-2306-1 ffmpeg -- several | ||
Description: | Several vulnerabilities have been discovered in ffmpeg, a multimedia player, server and encoder. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-3908 FFmpeg before 0.5.4, allows remote attackers to cause a denial of service or possibly execute arbitrary code via a malformed WMV file. CVE-2010-4704 libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg allows remote attackers to cause a denial of service via a crafted .ogg file, related to the vorbis_floor0_decode function. CVE-2011-0480 Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted WebM file, related to buffers for the channel floor and the channel residue. CVE-2011-0722 FFmpeg allows remote attackers to cause a denial of service or possibly execute arbitrary code via a malformed RealMedia file. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2306-1 CVE-2010-3908 CVE-2010-4704 CVE-2011-0480 CVE-2011-0722 CVE-2011-0723 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | ffmpeg |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-02-11 | Name : Debian Security Advisory DSA 2336-1 (ffmpeg) File : nvt/deb_2336_1.nasl |
2011-09-21 | Name : Debian Security Advisory DSA 2306-1 (ffmpeg) File : nvt/deb_2306_1.nasl |
2011-07-22 | Name : Mandriva Update for blender MDVSA-2011:112 (blender) File : nvt/gb_mandriva_MDVSA_2011_112.nasl |
2011-07-22 | Name : Mandriva Update for blender MDVSA-2011:114 (blender) File : nvt/gb_mandriva_MDVSA_2011_114.nasl |
2011-05-17 | Name : Mandriva Update for mplayer MDVSA-2011:088 (mplayer) File : nvt/gb_mandriva_MDVSA_2011_088.nasl |
2011-05-17 | Name : Mandriva Update for mplayer MDVSA-2011:089 (mplayer) File : nvt/gb_mandriva_MDVSA_2011_089.nasl |
2011-04-06 | Name : Mandriva Update for ffmpeg MDVSA-2011:060 (ffmpeg) File : nvt/gb_mandriva_MDVSA_2011_060.nasl |
2011-04-06 | Name : Mandriva Update for ffmpeg MDVSA-2011:061 (ffmpeg) File : nvt/gb_mandriva_MDVSA_2011_061.nasl |
2011-04-06 | Name : Mandriva Update for ffmpeg MDVSA-2011:062 (ffmpeg) File : nvt/gb_mandriva_MDVSA_2011_062.nasl |
2011-04-06 | Name : Ubuntu Update for ffmpeg vulnerabilities USN-1104-1 File : nvt/gb_ubuntu_USN_1104_1.nasl |
2011-03-07 | Name : Debian Security Advisory DSA 2165-1 (ffmpeg-debian) File : nvt/deb_2165_1.nasl |
2011-01-27 | Name : Google Chrome multiple vulnerabilities - Jan11 (Linux) File : nvt/gb_google_chrome_mult_vuln_jan11_lin.nasl |
2011-01-27 | Name : Google Chrome multiple vulnerabilities - Jan11 (Windows) File : nvt/gb_google_chrome_mult_vuln_jan11_win.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
72579 | FFmpeg Malformed WMV File Handling Memory Corruption A memory corruption flaw exists in ffmpeg . The function fails to sanitize user-supplied file resulting in memory corruption. With a specially crafted file, an attacker can execute arbitrary code. |
72578 | FFmpeg RealMedia File Handling Memory Corruption DoS |
72574 | FFmpeg Malformed VC-1 File Handling DoS |
70650 | FFmpeg Vorbis Decoder libavcodec/vorbis_dec.c vorbis_floor0_decode Function O... FFmpeg contains a flaw that may allow a denial of service. The issue is triggered when an error in 'libavcodec/vorbis_dec.c' in the Vorbis decoder occurs, allowing a context-dependent attacker to use a crafted .ogg file to cause a denial of service. |
70463 | FFmpeg Vorbis Decoder vorbis_dec.c WebM File Handling Multiple Overflow DoS |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Google Chrome Uninitialized bug_report Pointer Code Execution RuleID : 19217 - Revision : 14 - Type : BROWSER-CHROME |
2014-01-10 | Google Chrome Uninitialized bug_report Pointer Code Execution RuleID : 19216 - Revision : 14 - Type : BROWSER-CHROME |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-10-27 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201310-12.nasl - Type : ACT_GATHER_INFO |
2011-11-08 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2336.nasl - Type : ACT_GATHER_INFO |
2011-09-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2306.nasl - Type : ACT_GATHER_INFO |
2011-07-19 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2011-112.nasl - Type : ACT_GATHER_INFO |
2011-07-19 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2011-114.nasl - Type : ACT_GATHER_INFO |
2011-05-17 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-088.nasl - Type : ACT_GATHER_INFO |
2011-05-17 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-089.nasl - Type : ACT_GATHER_INFO |
2011-04-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1104-1.nasl - Type : ACT_GATHER_INFO |
2011-04-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-060.nasl - Type : ACT_GATHER_INFO |
2011-04-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-061.nasl - Type : ACT_GATHER_INFO |
2011-04-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-062.nasl - Type : ACT_GATHER_INFO |
2011-02-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2165.nasl - Type : ACT_GATHER_INFO |
2011-01-13 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_8_0_552_237.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:30:25 |
|