Heap Memory Corruption in FFmpeg Affects MPlayer and Other Products
CVE-2011-0722

Currently unrated

Key Information:

Vendor: Ffmpeg
Status: Ffmpeg; Mplayer
Vendor: CVE Published:; 20 May 2011

What is CVE-2011-0722?

A vulnerability in FFmpeg prior to version 0.5.4 allows remote attackers to trigger heap memory corruption and cause denial of service through specially crafted RealMedia files. This can potentially lead to the execution of arbitrary code, compromising the integrity and availability of affected applications, such as MPlayer.

References

http://www.debian.org/security/2011/dsa-2306

vendor-advisoryx_refsource_DEBIAN

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2011
Vulnerability Reserved
Feb 1, 2011

Ffmpeg

What is CVE-2011-0722?

References

Timeline