Main Vulnerability Database Vulnerabilities #VU42269

Buffer overflow in FFmpeg - CVE-2011-4351

Published: December 9, 2013 / Updated: August 10, 2020

Vulnerability identifier: #VU42269

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2011-4351

CWE-ID: CWE-119

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: ffmpeg.sourceforge.net

Affected software:
FFmpeg

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before 0.7.8, and 0.8.x before 0.8.8 allows remote attackers to execute arbitrary code via unspecified vectors.

How to mitigate CVE-2011-4351

Install update from vendor's website.

Sources

http://seclists.org/bugtraq/2011/Nov/145
http://www.ffmpeg.org/security.html

Buffer overflow in FFmpeg - CVE-2011-4351

Detailed vulnerability description

How to mitigate CVE-2011-4351

Sources

Please verify you're human