Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2796

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2012-2796
Last Modified 13 Dec 2013 12:01:15
Published 10 Sep 2012 06:55:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-2796

Summary

Unspecified vulnerability in the vc1_decode_frame function in libavcodec/vc1dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to inconsistencies in "coded slice positions and interlacing" that trigger "out of array writes."

Vulnerable Systems

Application

  • Ffmpeg 0.10

  • Ffmpeg 0.10.3

  • Ffmpeg 0.10.4

  • Ffmpeg 0.3

  • Ffmpeg 0.3.1

  • Ffmpeg 0.3.2

  • Ffmpeg 0.3.3

  • Ffmpeg 0.3.4

  • Ffmpeg 0.4.0

  • Ffmpeg 0.4.2

  • Ffmpeg 0.4.3

  • Ffmpeg 0.4.4

  • Ffmpeg 0.4.5

  • Ffmpeg 0.4.6

  • Ffmpeg 0.4.7

  • Ffmpeg 0.4.8

  • Ffmpeg 0.4.9

  • Ffmpeg 0.4.9 Pre1

  • Ffmpeg 0.5

  • Ffmpeg 0.5.1

  • Ffmpeg 0.5.2

  • Ffmpeg 0.5.3

  • Ffmpeg 0.5.4

  • Ffmpeg 0.5.4.5

  • Ffmpeg 0.5.4.6

  • Ffmpeg 0.6

  • Ffmpeg 0.6.1

  • Ffmpeg 0.6.2

  • Ffmpeg 0.6.3

  • Ffmpeg 0.7

  • Ffmpeg 0.7.1

  • Ffmpeg 0.7.11

  • Ffmpeg 0.7.12

  • Ffmpeg 0.7.2

  • Ffmpeg 0.7.3

  • Ffmpeg 0.7.4

  • Ffmpeg 0.7.5

  • Ffmpeg 0.7.6

  • Ffmpeg 0.7.7

  • Ffmpeg 0.7.8

  • Ffmpeg 0.7.9

  • Ffmpeg 0.8.0

  • Ffmpeg 0.8.1

  • Ffmpeg 0.8.10

  • Ffmpeg 0.8.11

  • Ffmpeg 0.8.2

  • Ffmpeg 0.8.5

  • Ffmpeg 0.8.5.3

  • Ffmpeg 0.8.5.4

  • Ffmpeg 0.8.6

  • Ffmpeg 0.8.7

  • Ffmpeg 0.8.8

  • Ffmpeg 0.9

  • Ffmpeg 0.9.1

  • Libav 0.8

  • Libav 0.8.1

  • Libav 0.8.2

  • Libav 0.8.3


References

BID - 55355

MLIST - [oss-security] 20120902 Re: Information on security issues fixed in ffmpeg 0.11?

MLIST - [oss-security] 20120831 Information on security issues fixed in ffmpeg 0.11?

SECUNIA - 50468

CONFIRM - http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=5e59a77cec804a9b44c60ea22c17beba6453ef23

CONFIRM - http://ffmpeg.org/security.html

CONFIRM - http://libav.org/releases/libav-0.8.4.changelog

SECUNIA - 51257

MANDRIVA - MDVSA-2013:079


Last Updated: 27 May 2016 11:00:32