QwikSec

Security Database

CVE

CWE

Training

CVE-2011-3940

Published: Aug 20, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

nsvdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (out-of-bounds read and write) via a crafted NSV file that triggers "use of uninitialized streams."

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=c898431ca5ef2a997fe9388b650f658fb60783e5

x_refsource_CONFIRM

http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=8fd8a48263ff1437f9d02d7e78dc63efb9b5ed3a

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

third-party-advisory

x_refsource_SECUNIA

http://ffmpeg.org/

x_refsource_CONFIRM

vendor-advisory

x_refsource_DEBIAN

http://libav.org/

x_refsource_CONFIRM

http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=5c011706bc752d34bc6ada31d7df2ca0c9af7c6b

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.