CVE-2011-4031
FFmpeg < 0.8.3 - Remote Code Execution via ASF Packet Integer Underflow
Title source: llmDescription
Integer underflow in the asfrtp_parse_packet function in libavformat/rtpdec_asf.c in FFmpeg before 0.8.3 allows remote attackers to execute arbitrary code via a crafted ASF packet.
References (3)
Core 3
Core References
Patch, Third Party Advisory x_refsource_misc
http://technet.microsoft.com/en-us/security/msvr/msvr11-012
Patch x_refsource_confirm
http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=c2a2ad133eb9d42361804a568dee336992349a5e
Patch x_refsource_confirm
http://git.videolan.org/?p=ffmpeg.git%3Ba=shortlog%3Bh=n0.8.3
Scores
EPSS
0.0279
EPSS Percentile
86.3%
Details
CWE
CWE-191
Status
published
Products (1)
ffmpeg/ffmpeg
< 0.8.3
Published
May 09, 2012
Tracked Since
Feb 18, 2026