CVE-2011-3952

FFmpeg < 0.10 - Denial of Service and Possible Remote Code Execution via Large Palette Size in KMVC Encoded File

Title source: llm

Description

The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large palette size in a KMVC encoded file.

References (5)

Core 5

Core References

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-1479-1

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2012/dsa-2494

Various Sources x_refsource_confirm

http://ffmpeg.org/

Various Sources x_refsource_confirm

http://git.libav.org/?p=libav.git%3Ba=commit%3Bh=386741f887714d3e46c9e8fe577e326a7964037b

Various Sources x_refsource_confirm

http://libav.org/

Scores

EPSS 0.0095

EPSS Percentile 76.6%

Details

CWE

CWE-20

Status published

Products (49)

ffmpeg/ffmpeg 0.3

ffmpeg/ffmpeg 0.3.1

ffmpeg/ffmpeg 0.3.2

ffmpeg/ffmpeg 0.3.3

ffmpeg/ffmpeg 0.3.4

ffmpeg/ffmpeg 0.4.0

ffmpeg/ffmpeg 0.4.2

ffmpeg/ffmpeg 0.4.3

ffmpeg/ffmpeg 0.4.4

ffmpeg/ffmpeg 0.4.5

... and 39 more

Published Aug 20, 2012

Tracked Since Feb 18, 2026