Vulnerability CVE-2011-3929

Vulnerability Name:

CVE-2011-3929 (CCN-78276)

Assigned:

2011-10-01

Published:

2012-01-30

Updated:

2012-10-30

Summary:

The avpriv_dv_produce_packet function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly execute arbitrary code via a crafted DV file.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-119

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2011-3929

Source: CONFIRM
Type: Vendor Advisory
http://ffmpeg.org/

Source: CCN
Type: FFmpeg Web site
FFmpeg Security

Source: CONFIRM
Type: UNKNOWN
http://git.libav.org/?p=libav.git;a=commit;h=635bcfccd439480003b74a665b5aa7c872c1ad6b

Source: CONFIRM
Type: Exploit, Patch
http://git.libav.org/?p=libav.git;a=commitdiff;h=5a396bb3a66a61a68b80f2369d0249729bf85e04

Source: CONFIRM
Type: Vendor Advisory
http://libav.org/

Source: SECUNIA
Type: UNKNOWN
49089

Source: DEBIAN
Type: UNKNOWN
DSA-2471

Source: DEBIAN
Type: DSA-2471
ffmpeg -- several vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-1479-1

Source: XF
Type: UNKNOWN
ffmpeg-avprivdvproducepacket-code-exec(78276)

Vulnerable Configuration:

Configuration 1:

cpe:/a:ffmpeg:ffmpeg:0.7.1:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.7.2:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.7.6:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.7.7:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.7.8:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.7.9:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.7.11:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:ffmpeg:ffmpeg:0.8.5:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.8.6:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.8.7:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.8.8:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.8.10:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:libav:libav:0.5:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.5.1:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.5.2:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.5.3:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.5.4:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.5.5:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.5.6:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.5.7:*:*:*:*:*:*:*

Configuration 4:

cpe:/a:libav:libav:0.6:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.6.1:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.6.2:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.6.3:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.6.4:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.6.5:*:*:*:*:*:*:*

Configuration 5:

cpe:/a:libav:libav:0.7:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.7.1:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.7.2:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.7.3:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.7.4:*:*:*:*:*:*:*

Configuration 6:

cpe:/a:libav:libav:0.8:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.8:beta2:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:ffmpeg:ffmpeg:0.8.7:*:*:*:*:*:*:*