CVE-2011-0723

2011-05-2022:55:02

CWE-399

canonical

web.nvd.nist.gov

cve-2011-0723

ffmpeg

mplayer

denial of service

application crash

remote code execution

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

Low

EPSS

0.03

Percentile

91.0%

JSON

FFmpeg 0.5.x, as used in MPlayer and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed VC-1 file.

Affected configurations

Nvd

Node

ffmpegffmpegMatch0.5.1

ffmpegffmpegMatch0.5.2

ffmpegffmpegMatch0.5.3

ffmpegffmpegMatch0.5.4

AND

mplayermplayer

VendorProductVersionCPE
ffmpegffmpeg0.5.1cpe:2.3:a:ffmpeg:ffmpeg:0.5.1:*:*:*:*:*:*:*
ffmpegffmpeg0.5.2cpe:2.3:a:ffmpeg:ffmpeg:0.5.2:*:*:*:*:*:*:*
ffmpegffmpeg0.5.3cpe:2.3:a:ffmpeg:ffmpeg:0.5.3:*:*:*:*:*:*:*
ffmpegffmpeg0.5.4cpe:2.3:a:ffmpeg:ffmpeg:0.5.4:*:*:*:*:*:*:*
mplayermplayer*cpe:2.3:a:mplayer:mplayer:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ffmpeg	ffmpeg	0.5.1	cpe:2.3:a:ffmpeg:ffmpeg:0.5.1:::::::*
ffmpeg	ffmpeg	0.5.2	cpe:2.3:a:ffmpeg:ffmpeg:0.5.2:::::::*
ffmpeg	ffmpeg	0.5.3	cpe:2.3:a:ffmpeg:ffmpeg:0.5.3:::::::*
ffmpeg	ffmpeg	0.5.4	cpe:2.3:a:ffmpeg:ffmpeg:0.5.4:::::::*
mplayer	mplayer	*	cpe:2.3:a:mplayer:mplayer::::::::