Denial of Service Vulnerability in FFmpeg and MPlayer
CVE-2011-0723

Currently unrated

Key Information:

Vendor: Ffmpeg
Status: Ffmpeg; Mplayer
Vendor: CVE Published:; 20 May 2011

What is CVE-2011-0723?

FFmpeg 0.5.x, utilized in MPlayer and other applications, is susceptible to a vulnerability that allows remote attackers to crash the application or potentially execute arbitrary code by supplying a malformed VC-1 file. This flaw can be exploited, leading to service disruption or further unauthorized actions on the affected systems.

References

http://www.debian.org/security/2011/dsa-2306

vendor-advisoryx_refsource_DEBIAN

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2011
Vulnerability Reserved
Feb 1, 2011

Ffmpeg

What is CVE-2011-0723?

References

Timeline