The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-2011-0723.
References
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 01:27
Type | Values Removed | Values Added |
---|---|---|
References | () http://ffmpeg.mplayerhq.hu/ - | |
References | () http://www.securityfocus.com/bid/47956 - |
Information
Published : 2011-05-20 22:55
Updated : 2024-11-21 01:27
NVD link : CVE-2011-2160
Mitre link : CVE-2011-2160
CVE.ORG link : CVE-2011-2160
JSON object : View
Products Affected
mplayerhq
- mplayer
ffmpeg
- ffmpeg
CWE
CWE-20
Improper Input Validation