Vulnerability CVE-2011-3940

Vulnerability Name:

CVE-2011-3940 (CCN-72790)

Assigned:

2011-10-01

Published:

2012-01-30

Updated:

2012-10-30

Summary:

nsvdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (out-of-bounds read and write) via a crafted NSV file that triggers "use of uninitialized streams."

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-119

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2011-3940

Source: CONFIRM
Type: Vendor Advisory
http://ffmpeg.org/

Source: CCN
Type: FFmpeg Web site
FFmpeg Security

Source: CONFIRM
Type: Exploit, Patch
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=5c011706bc752d34bc6ada31d7df2ca0c9af7c6b

Source: CONFIRM
Type: Exploit, Patch
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=8fd8a48263ff1437f9d02d7e78dc63efb9b5ed3a

Source: CONFIRM
Type: Exploit, Patch
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c898431ca5ef2a997fe9388b650f658fb60783e5

Source: CONFIRM
Type: Vendor Advisory
http://libav.org/

Source: CCN
Type: SA47765
FFmpeg Multiple Vulnerabilities

Source: CCN
Type: SA49022
FFmpeg Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
49089

Source: DEBIAN
Type: UNKNOWN
DSA-2471

Source: DEBIAN
Type: DSA-2471
ffmpeg -- several vulnerabilities

Source: CCN
Type: BID-51720
FFmpeg Multiple Remote Vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-1479-1

Source: XF
Type: UNKNOWN
ffmpeg-nsvreadchunk-bo(72790)

Vulnerable Configuration:

Configuration 1:

cpe:/a:ffmpeg:ffmpeg:0.7.1:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.7.2:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.7.6:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.7.7:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.7.8:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.7.9:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.7.11:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:ffmpeg:ffmpeg:0.8.5:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.8.6:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.8.7:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.8.8:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.8.10:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:libav:libav:0.5:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.5.1:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.5.2:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.5.3:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.5.4:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.5.5:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.5.6:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.5.7:*:*:*:*:*:*:*

Configuration 4:

cpe:/a:libav:libav:0.6:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.6.1:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.6.2:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.6.3:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.6.4:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.6.5:*:*:*:*:*:*:*

Configuration 5:

cpe:/a:libav:libav:0.7:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.7.1:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.7.2:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.7.3:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.7.4:*:*:*:*:*:*:*

Configuration 6:

cpe:/a:libav:libav:0.8:*:*:*:*:*:*:*

OR cpe:/a:libav:libav:0.8:beta2:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:ffmpeg:ffmpeg:0.8.7:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.8.1:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.7.2:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.7.3:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.8.2:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.7.4:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.8.3:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.7.7:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.8.6:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.9:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:17815	P	USN-1479-1 -- ffmpeg vulnerabilities	2014-07-21
oval:org.mitre.oval:def:17641	P	USN-1478-1 -- libav vulnerabilities	2014-06-30
oval:org.mitre.oval:def:18368	P	DSA-2471-1 ffmpeg - several	2014-06-23
oval:com.ubuntu.precise:def:20113940000	V	CVE-2011-3940 on Ubuntu 12.04 LTS (precise) - medium.	2012-08-20

BACK