QwikSec

Security Database

CVE

CWE

Training

CVE-2011-1931

Published: Jul 7, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624339

x_refsource_CONFIRM

20110427 NGS00068 Patch Notification: LibAVCodec AMV Out of Array Write

mailing-list

x_refsource_BUGTRAQ

http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=89f903b3d5ec38c9c5d90fba7e626fa0eda61a32

x_refsource_CONFIRM

third-party-advisory

x_refsource_SREASON

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.