Launchpad.net

CVE 2011-3951

The dpcm_decode_frame function in dpcm.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted stereo stream in a media file.

Related bugs and status

CVE-2011-3951 (Candidate) is related to these bugs:

Bug #960949: FFe: New Upstream bug and security release 0.8.1

Summary				In	Importance	Status
	960949	FFe: New Upstream bug and security release 0.8.1		libav (Ubuntu)	Medium	Fix Released
	960949	FFe: New Upstream bug and security release 0.8.1		libav-extra (Ubuntu)	Medium	Fix Released

Bug #1012132: June libav/ffmpeg security update tracking bug

		In	Importance	Status
1012132	June libav/ffmpeg security update tracking bug	libav (Ubuntu)	Medium	Fix Released
1012132	June libav/ffmpeg security update tracking bug	libav (Ubuntu Lucid)	Undecided	Invalid
1012132	June libav/ffmpeg security update tracking bug	libav (Ubuntu Natty)	Medium	Fix Released
1012132	June libav/ffmpeg security update tracking bug	libav (Ubuntu Quantal)	Medium	Fix Released
1012132	June libav/ffmpeg security update tracking bug	libav (Ubuntu Precise)	Medium	Fix Released
1012132	June libav/ffmpeg security update tracking bug	libav (Ubuntu Oneiric)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2011-3951

Related bugs and status

Related bugs

References