BID:51720

FFmpeg Multiple Remote Vulnerabilities

Info

FFmpeg Multiple Remote Vulnerabilities

Bugtraq ID:	51720
Class:	Unknown
CVE:	CVE-2011-3929 CVE-2011-3934 CVE-2011-3935 CVE-2011-3936 CVE-2011-3937 CVE-2011-3940 CVE-2011-3941 CVE-2011-3944 CVE-2011-3945 CVE-2011-3946 CVE-2011-3947 CVE-2011-3949 CVE-2011-3950 CVE-2011-3951 CVE-2011-3952
Remote:	Yes
Local:	No
Published:	Jan 30 2012 12:00AM
Updated:	Mar 19 2015 09:47AM
Credit:	Mateusz 'j00ru' Jurczyk, Gynvael Coldwind and John Villami
Vulnerable:	Ubuntu Ubuntu Linux 12.04 LTS i386 Ubuntu Ubuntu Linux 12.04 LTS amd64 Ubuntu Ubuntu Linux 11.10 i386 Ubuntu Ubuntu Linux 11.10 amd64 Ubuntu Ubuntu Linux 11.04 powerpc Ubuntu Ubuntu Linux 11.04 i386 Ubuntu Ubuntu Linux 11.04 ARM Ubuntu Ubuntu Linux 11.04 amd64 Ubuntu Ubuntu Linux 10.04 sparc Ubuntu Ubuntu Linux 10.04 powerpc Ubuntu Ubuntu Linux 10.04 i386 Ubuntu Ubuntu Linux 10.04 ARM Ubuntu Ubuntu Linux 10.04 amd64 Mandriva Linux Mandrake 2011 x86_64 Mandriva Linux Mandrake 2011 Gentoo Linux FFmpeg FFmpeg 0.9 FFmpeg FFmpeg 0.8.7 -r1 FFmpeg FFmpeg 0.8.7 FFmpeg FFmpeg 0.8.6 FFmpeg FFmpeg 0.8.5 FFmpeg FFmpeg 0.8.3 FFmpeg FFmpeg 0.7.7 FFmpeg FFmpeg 0.7.6 FFmpeg FFmpeg 0.7.4 FFmpeg FFmpeg 0.6.1 FFmpeg FFmpeg 0.4.9 20080909 FFmpeg FFmpeg 0.4.9 -pre1 FFmpeg FFmpeg 0.4.9 -0.pre1.5.1.20060 FFmpeg FFmpeg 0.4.9 FFmpeg FFmpeg 0.4.8 FFmpeg FFmpeg 0.4.7 FFmpeg FFmpeg 0.4.6 FFmpeg FFmpeg 0.8.4 FFmpeg FFmpeg 0.8.2 FFmpeg FFmpeg 0.8.1 FFmpeg FFmpeg 0.7.8 FFmpeg FFmpeg 0.7.5 FFmpeg FFmpeg 0.7.3 FFmpeg FFmpeg 0.7.2 FFmpeg FFmpeg 0.7-rc1 FFmpeg FFmpeg 0.6.3 FFmpeg FFmpeg 0.6 FFmpeg FFmpeg 0.5.4 FFmpeg FFmpeg 0.5.3 FFmpeg FFmpeg 0.5.2 FFmpeg FFmpeg 0.5 FFmpeg FFmpeg 0.49_p20060530 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64

Not Vulnerable:	FFmpeg FFmpeg 0.10

Exploit / POC

FFmpeg Multiple Remote Vulnerabilities

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

FFmpeg Multiple Remote Vulnerabilities

Solution:
Updates are available. Please see the references for more information.

Mandriva Linux Mandrake 2011 x86_64

Mandriva ffmpeg-0.7.12-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva lib64avfilter1-0.7.12-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva lib64avformats52-0.7.12-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva lib64avutil50-0.7.12-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva lib64ffmpeg-devel-0.7.12-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva lib64ffmpeg-static-devel-0.7.12-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva lib64ffmpeg52-0.7.12-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva lib64postproc51-0.7.12-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva lib64swscaler0-0.7.12-0.1-mdv2011.0.x86_64.rpm
http://www.mandriva.com/en/downloads/

Mandriva Linux Mandrake 2011

Mandriva ffmpeg-0.7.12-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva libavfilter1-0.7.12-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva libavformats52-0.7.12-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva libavutil50-0.7.12-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva libffmpeg-devel-0.7.12-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva libffmpeg-static-devel-0.7.12-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva libffmpeg52-0.7.12-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva libpostproc51-0.7.12-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/

Mandriva libswscaler0-0.7.12-0.1-mdv2011.0.i586.rpm
http://www.mandriva.com/en/downloads/