The render_line function in the vorbis codec (vorbis.c) in libavcodec in
FFmpeg before 0.9.1 allows remote attackers to cause a denial of service
(application crash) and possibly execute arbitrary code via a crafted
Vorbis file, related to a large multiplier. NOTE: this vulnerability
exists because of an incomplete fix for CVE-2011-3893.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | ffmpeg | <Β 4:0.5.9-0ubuntu0.10.04.1 | UNKNOWN |
ubuntu | upstream | noarch | ffmpeg | <Β 0.5.8 | UNKNOWN |
ubuntu | upstream | noarch | ffmpeg-extra | <Β any | UNKNOWN |
ubuntu | 11.04 | noarch | libav | <Β 4:0.6.6-0ubuntu0.11.04.1 | UNKNOWN |
ubuntu | 11.10 | noarch | libav | <Β 4:0.7.6-0ubuntu0.11.10.1 | UNKNOWN |
ubuntu | upstream | noarch | libav | <Β 0.6.5,0.7.5,0.8.1 | UNKNOWN |
ubuntu | upstream | noarch | libav-extra | <Β any | UNKNOWN |