Unrated severityOSV Advisory· Published Apr 18, 2019· Updated Aug 4, 2024

CVE-2019-11339

Description

The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4.1.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via crafted MPEG-4 video data.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

FFmpeg/FfmpegOSV2 versions
n4.0, n4.0.1, n4.0.2, …+ 1 more
- (no CPE)range: n4.0, n4.0.1, n4.0.2, …
- (no CPE)range: < 4.0.4, < 4.1.2
osv-coords4 versions
pkg:rpm/opensuse/ffmpeg-4&distro=openSUSE%20Leap%2015.1 pkg:rpm/suse/ffmpeg-4&distro=SUSE%20Package%20Hub%2012%20SP2 pkg:rpm/suse/ffmpeg-4&distro=SUSE%20Package%20Hub%2015 pkg:rpm/suse/ffmpeg-4&distro=SUSE%20Package%20Hub%2015%20SP1
< 4.2.1-bp151.5.3.1+ 3 more
- (no CPE)range: < 4.2.1-bp151.5.3.1
- (no CPE)range: < 4.2.1-bp151.5.3.1
- (no CPE)range: < 4.2.1-bp151.5.3.1
- (no CPE)range: < 4.2.1-bp151.5.3.1

Patches

Vulnerability mechanics

References

lists.opensuse.org/opensuse-security-announce/2020-01/msg00012.htmlmitrevendor-advisoryx_refsource_SUSE
usn.ubuntu.com/3967-1/mitrevendor-advisoryx_refsource_UBUNTU
www.securityfocus.com/bid/108037mitrevdb-entryx_refsource_BID
github.com/FFmpeg/FFmpeg/commit/1f686d023b95219db933394a7704ad9aa5f01cbbmitrex_refsource_MISC
github.com/FFmpeg/FFmpeg/commit/d227ed5d598340e719eff7156b1aa0a4469e9a6amitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000