Lucene search

[email protected]CVE-2012-2798

HistorySep 10, 2012 - 10:55 p.m.

CVE-2012-2798

2012-09-1022:55:04

[email protected]

web.nvd.nist.gov

cve-2012-2798

unspecified vulnerability

libavcodec

dfa.c

ffmpeg

libav

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.2 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.7%

JSON

Unspecified vulnerability in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an “out of array write.”

Affected configurations

NVD

Node

libavlibavMatch0.8

libavlibavMatch0.8beta2

libavlibavMatch0.8.1

libavlibavMatch0.8.2

libavlibavMatch0.8.3

Node

ffmpegffmpegRange≤0.10.4

ffmpegffmpegMatch0.3

ffmpegffmpegMatch0.3.1

ffmpegffmpegMatch0.3.2

ffmpegffmpegMatch0.3.3

ffmpegffmpegMatch0.3.4

ffmpegffmpegMatch0.4.0

ffmpegffmpegMatch0.4.2

ffmpegffmpegMatch0.4.3

ffmpegffmpegMatch0.4.4

ffmpegffmpegMatch0.4.5

ffmpegffmpegMatch0.4.6

ffmpegffmpegMatch0.4.7

ffmpegffmpegMatch0.4.8

ffmpegffmpegMatch0.4.9

ffmpegffmpegMatch0.4.9pre1

ffmpegffmpegMatch0.5

ffmpegffmpegMatch0.5.1

ffmpegffmpegMatch0.5.2

ffmpegffmpegMatch0.5.3

ffmpegffmpegMatch0.5.4

ffmpegffmpegMatch0.5.4.5

ffmpegffmpegMatch0.5.4.6

ffmpegffmpegMatch0.6

ffmpegffmpegMatch0.6.1

ffmpegffmpegMatch0.6.2

ffmpegffmpegMatch0.6.3

ffmpegffmpegMatch0.7

ffmpegffmpegMatch0.7.1

ffmpegffmpegMatch0.7.2

ffmpegffmpegMatch0.7.3

ffmpegffmpegMatch0.7.4

ffmpegffmpegMatch0.7.5

ffmpegffmpegMatch0.7.6

ffmpegffmpegMatch0.7.7

ffmpegffmpegMatch0.7.8

ffmpegffmpegMatch0.7.9

ffmpegffmpegMatch0.7.11

ffmpegffmpegMatch0.7.12

ffmpegffmpegMatch0.8.0

ffmpegffmpegMatch0.8.1

ffmpegffmpegMatch0.8.2

ffmpegffmpegMatch0.8.5

ffmpegffmpegMatch0.8.5.3

ffmpegffmpegMatch0.8.5.4

ffmpegffmpegMatch0.8.6

ffmpegffmpegMatch0.8.7

ffmpegffmpegMatch0.8.8

ffmpegffmpegMatch0.8.10

ffmpegffmpegMatch0.8.11

ffmpegffmpegMatch0.9

ffmpegffmpegMatch0.9.1

ffmpegffmpegMatch0.10

ffmpegffmpegMatch0.10.3

Node

libavlibavMatch0.7

libavlibavMatch0.7beta1

libavlibavMatch0.7beta2

libavlibavMatch0.7.1

libavlibavMatch0.7.2

libavlibavMatch0.7.3

libavlibavMatch0.7.4

libavlibavMatch0.7.5

libavlibavMatch0.7.6

CPENameOperatorVersion
libav:libavlibaveq0.8
libav:libavlibaveq0.8.1
libav:libavlibaveq0.8.2
libav:libavlibaveq0.8.3

CPE	Name	Operator	Version
libav:libav	libav	eq	0.8
libav:libav	libav	eq	0.8.1
libav:libav	libav	eq	0.8.2
libav:libav	libav	eq	0.8.3

References

ffmpeg.org/security.html

git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=72b9537d8886f679494651df517dfed9b420cf1f

libav.org/releases/libav-0.7.7.changelog

libav.org/releases/libav-0.8.4.changelog

libav.org/releases/libav-0.8.5.changelog

secunia.com/advisories/50468

secunia.com/advisories/51257

www.mandriva.com/security/advisories?name=MDVSA-2013:079

www.openwall.com/lists/oss-security/2012/08/31/3

www.openwall.com/lists/oss-security/2012/09/02/4

www.securityfocus.com/bid/55355

www.ubuntu.com/usn/USN-1705-1

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.2 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.7%

JSON

Related for CVE-2012-2798

nvd1 ubuntucve1 prion1 cvelist1 nessus7 openvas8 ubuntu3 securityvulns3 gentoo2 freebsd1