CVE-2011-2160

N/A Unknown

Published: May 20, 2011 Modified: April 29, 2026

Description

The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-2011-0723.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://ffmpeg.mplayerhq.hu/

Source: cve@mitre.org

http://www.securityfocus.com/bid/47956

Source: cve@mitre.org

http://ffmpeg.mplayerhq.hu/

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/47956

Source: af854a3a-2127-422b-91ae-364da2661108

4 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

1.7%

74th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-20

Affected Vendors

ffmpeg mplayerhq

Related CVEs

CVE-2026-9699 6.8

CVE-2026-57667 8.5

CVE-2026-57665 5.3

CVE-2026-57664 4.3

CVE-2026-57663 8.5