CVE-2011-3937
FFmpeg 0.7.x < 0.7.12, 0.8.x < 0.8.11, < 0.10 - Unspecified Impact in H.263 Codec via Width/Height Change
Title source: llmDescription
The H.263 codec (libavcodec/h263dec.c) in FFmpeg 0.7.x before 0.7.12, 0.8.x before 0.8.11, and unspecified versions before 0.10, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 has unspecified impact and attack vectors related to "width/height changing with frame threads."
References (5)
Core 5
Core References
Various Sources x_refsource_confirm
http://ffmpeg.org/security.html
Various Sources x_refsource_confirm
http://git.libav.org/?p=libav.git%3Ba=commit%3Bh=71db86d53b5c6872cea31bf714a1a38ec78feaba
Various Sources x_refsource_confirm
http://libav.org/news.html
Patch x_refsource_confirm
http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=71db86d53b5c6872cea31bf714a1a38ec78feaba
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2013:079
Scores
EPSS
0.0069
EPSS Percentile
72.0%
Details
Status
published
Products (49)
ffmpeg/ffmpeg
0.3
ffmpeg/ffmpeg
0.3.1
ffmpeg/ffmpeg
0.3.2
ffmpeg/ffmpeg
0.3.3
ffmpeg/ffmpeg
0.3.4
ffmpeg/ffmpeg
0.4.0
ffmpeg/ffmpeg
0.4.2
ffmpeg/ffmpeg
0.4.3
ffmpeg/ffmpeg
0.4.4
ffmpeg/ffmpeg
0.4.5
... and 39 more
Published
Jan 05, 2013
Tracked Since
Feb 18, 2026