CVE-2011-4579

Name of the Vulnerable Software and Affected Versions FFmpeg versions 0.5.x through 0.5.6 FFmpeg versions 0.6.x through 0.6.3 FFmpeg versions 0.7.x through 0.7.8 FFmpeg versions 0.8.x through 0.8.7 Libav versions 0.5.x through 0.5.5 Libav versions 0.6.x through 0.6.3 Libav versions 0.7.x through 0.7.2

Description The issue allows remote attackers to cause a denial of service, related to "dimensions changed" in the SVQ1 decoder. Exploitation of the vulnerabilities may lead to disruption of confidentiality, integrity, and availability of protected information. The estimated number of potentially affected devices worldwide is not specified.

Recommendations For FFmpeg versions 0.5.x through 0.5.6, update to version 0.5.7 or later. For FFmpeg versions 0.6.x through 0.6.3, update to version 0.6.4 or later. For FFmpeg versions 0.7.x through 0.7.8, update to version 0.7.9 or later. For FFmpeg versions 0.8.x through 0.8.7, update to version 0.8.8 or later. For Libav versions 0.5.x through 0.5.5, update to version 0.5.6 or later. For Libav versions 0.6.x through 0.6.3, update to version 0.6.4 or later. For Libav versions 0.7.x through 0.7.2, update to version 0.7.3 or later.