1
Candidate: CVE-2011-2160
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2160
6
The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer
7
and other products, does not properly restrict read operations, which
8
allows remote attackers to have an unspecified impact via a crafted VC-1
9
file, a related issue to CVE-2011-0723.
12
mdeslaur> ffmpeg-extra in multiverse needs to have matching version
13
mdeslaur> we already fixed this as part of CVE-2011-0723
20
upstream: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8069e2f6fbd79e3d3d2ba17f5f097475b43e2921
21
upstream_ffmpeg: released (0.5.4)
22
dapper_ffmpeg: ignored (reached end-of-life)
23
hardy_ffmpeg: ignored (reached end-of-life)
24
lucid_ffmpeg: released (4:0.5.1-1ubuntu1.1)
25
maverick_ffmpeg: not-affected (0.6-2ubuntu6)
30
upstream_ffmpeg-extra: released (0.5.4)
31
dapper_ffmpeg-extra: DNE
32
hardy_ffmpeg-extra: DNE
33
lucid_ffmpeg-extra: released (4:0.5.1-1ubuntu1.1)
34
maverick_ffmpeg-extra: not-affected (0.6-2ubuntu6)
35
natty_ffmpeg-extra: DNE
36
devel_ffmpeg-extra: DNE
39
upstream_libav: not-affected
44
natty_libav: not-affected
45
devel_libav: not-affected
48
upstream_libav-extra: not-affected
49
dapper_libav-extra: DNE
50
hardy_libav-extra: DNE
51
lucid_libav-extra: DNE
52
maverick_libav-extra: DNE
53
natty_libav-extra: not-affected
54
devel_libav-extra: not-affected