OSVDB ID: 78645

Title: FFmpeg DV Decoder NULL Pointer Dereference Media File Handling Remote DoS

Info

Disclosure

Jan 31, 2012

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Jan 30, 2012

Description

Classification

Location: Local / Remote, Context Dependent
Attack Type: Denial of Service
Impact: Loss of Availability
Solution: Upgrade
Exploit: Exploit Unknown
Disclosure: Vendor Verified

Solution

Upgrade to version 0.10 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

FFmpeg Project

FFmpeg

0.9

References

CVE ID: 2011-3929 (see also: NVD)
Secunia Advisory ID: 47765 49089 51085
Related OSVDB ID: 78634 78635 78636 78637 78638 78639 78640 78641 78642 78643 78644 78646 78647 78648 78649 78650
Vendor Specific Solution URL: http://article.gmane.org/gmane.comp.video.ffmpeg.cvs/46590/match=cve+2011+3929
http://article.gmane.org/gmane.comp.video.ffmpeg.cvs/46591/
Vendor Specific News/Changelog Entry: http://ffmpeg.org/security.html
http://git.libav.org/?p=libav.git;a=commit;h=635bcfccd439480003b74a665b5aa7c872c1ad6b
http://git.libav.org/?p=libav.git;a=commitdiff;h=5a396bb3a66a61a68b80f2369d0249729bf85e04
http://www.debian.org/security/2012/dsa-2471
http://www.gentoo.org/security/en/glsa/glsa-201210-06.xml
Other Advisory URL: http://www.ubuntu.com/usn/USN-1479-1

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/78645