Unrated severityNVD Advisory· Published Oct 2, 2011· Updated Jun 16, 2026
CVE-2011-3362
CVE-2011-3362
Description
Integer signedness error in the decode_residual_block function in cavsdec.c in libavcodec in FFmpeg before 0.7.3 and 0.8.x before 0.8.2, and libav through 0.7.1, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Chinese AVS video (aka CAVS) file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
51cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*+ 26 more
- cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*range: <=0.7.2
- cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:pre1:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.8.1:*:*:*:*:*:*:*
- (no CPE)range: <0.7.3, <0.8.2
cpe:2.3:a:libav:libav:*:*:*:*:*:*:*:*+ 23 more
- cpe:2.3:a:libav:libav:*:*:*:*:*:*:*:*range: <=0.7.1
- cpe:2.3:a:libav:libav:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.4.9:pre1:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.7:beta1:*:*:*:*:*:*
- cpe:2.3:a:libav:libav:0.7:beta2:*:*:*:*:*:*
- (no CPE)range: <=0.7.1
Patches
Vulnerability mechanics
References
8- www.openwall.com/lists/oss-security/2011/09/13/4nvdPatch
- www.openwall.com/lists/oss-security/2011/09/14/8nvdPatch
- secunia.com/advisories/45532nvdVendor Advisory
- git.videolan.orgnvd
- git.videolan.orgnvd
- www.ffmpeg.org/releases/ffmpeg-0.7.5.changelognvd
- www.ffmpeg.org/releases/ffmpeg-0.8.4.changelognvd
- www.ocert.org/advisories/ocert-2011-002.htmlnvd
News mentions
0No linked articles in our index yet.