Lucene search

[email protected]CVE-2012-2784

HistorySep 10, 2012 - 10:55 p.m.

CVE-2012-2784

2012-09-1022:55:03

[email protected]

web.nvd.nist.gov

cve-2012-2784

unspecified vulnerability

decode_pic function

libavcodec

cavsdec.c

ffmpeg

libav

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.1 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.6%

JSON

Unspecified vulnerability in the decode_pic function in libavcodec/cavsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to “width/height changing in CAVS,” a different vulnerability than CVE-2012-2777.

Affected configurations

NVD

Node

libavlibavMatch0.8

libavlibavMatch0.8beta2

libavlibavMatch0.8.1

libavlibavMatch0.8.2

libavlibavMatch0.8.3

Node

ffmpegffmpegRange≤0.10.4

ffmpegffmpegMatch0.3

ffmpegffmpegMatch0.3.1

ffmpegffmpegMatch0.3.2

ffmpegffmpegMatch0.3.3

ffmpegffmpegMatch0.3.4

ffmpegffmpegMatch0.4.0

ffmpegffmpegMatch0.4.2

ffmpegffmpegMatch0.4.3

ffmpegffmpegMatch0.4.4

ffmpegffmpegMatch0.4.5

ffmpegffmpegMatch0.4.6

ffmpegffmpegMatch0.4.7

ffmpegffmpegMatch0.4.8

ffmpegffmpegMatch0.4.9

ffmpegffmpegMatch0.4.9pre1

ffmpegffmpegMatch0.5

ffmpegffmpegMatch0.5.1

ffmpegffmpegMatch0.5.2

ffmpegffmpegMatch0.5.3

ffmpegffmpegMatch0.5.4

ffmpegffmpegMatch0.5.4.5

ffmpegffmpegMatch0.5.4.6

ffmpegffmpegMatch0.6

ffmpegffmpegMatch0.6.1

ffmpegffmpegMatch0.6.2

ffmpegffmpegMatch0.6.3

ffmpegffmpegMatch0.7

ffmpegffmpegMatch0.7.1

ffmpegffmpegMatch0.7.2

ffmpegffmpegMatch0.7.3

ffmpegffmpegMatch0.7.4

ffmpegffmpegMatch0.7.5

ffmpegffmpegMatch0.7.6

ffmpegffmpegMatch0.7.7

ffmpegffmpegMatch0.7.8

ffmpegffmpegMatch0.7.9

ffmpegffmpegMatch0.7.11

ffmpegffmpegMatch0.7.12

ffmpegffmpegMatch0.8.0

ffmpegffmpegMatch0.8.1

ffmpegffmpegMatch0.8.2

ffmpegffmpegMatch0.8.5

ffmpegffmpegMatch0.8.5.3

ffmpegffmpegMatch0.8.5.4

ffmpegffmpegMatch0.8.6

ffmpegffmpegMatch0.8.7

ffmpegffmpegMatch0.8.8

ffmpegffmpegMatch0.8.10

ffmpegffmpegMatch0.8.11

ffmpegffmpegMatch0.9

ffmpegffmpegMatch0.9.1

ffmpegffmpegMatch0.10

ffmpegffmpegMatch0.10.3

Node

libavlibavMatch0.7

libavlibavMatch0.7beta1

libavlibavMatch0.7beta2

libavlibavMatch0.7.1

libavlibavMatch0.7.2

libavlibavMatch0.7.3

libavlibavMatch0.7.4

libavlibavMatch0.7.5

libavlibavMatch0.7.6

CPENameOperatorVersion
libav:libavlibaveq0.8
libav:libavlibaveq0.8.1
libav:libavlibaveq0.8.2
libav:libavlibaveq0.8.3

CPE	Name	Operator	Version
libav:libav	libav	eq	0.8
libav:libav	libav	eq	0.8.1
libav:libav	libav	eq	0.8.2
libav:libav	libav	eq	0.8.3

References

ffmpeg.org/security.html

git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=25715064c2ef4978672a91f8c856f3e8809a7c45

libav.org/releases/libav-0.7.7.changelog

libav.org/releases/libav-0.8.4.changelog

secunia.com/advisories/50468

secunia.com/advisories/51257

www.mandriva.com/security/advisories?name=MDVSA-2013:079

www.openwall.com/lists/oss-security/2012/08/31/3

www.openwall.com/lists/oss-security/2012/09/02/4

www.securityfocus.com/bid/55355

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.1 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.6%

JSON

Related for CVE-2012-2784

debiancve2 nvd2 ubuntucve2 prion2 cve1 cvelist2 nessus8 openvas10 ubuntu3 debian1 gentoo2 securityvulns1 freebsd1