Lucene search

[email protected]CVE-2012-2801

HistorySep 10, 2012 - 10:55 p.m.

CVE-2012-2801

2012-09-1022:55:04

[email protected]

web.nvd.nist.gov

cve-2012-2801

vulnerability

libavcodec

avs.c

ffmpeg

libav

nvd

security

dimensions

array writes

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.2 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.7%

JSON

Unspecified vulnerability in libavcodec/avs.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to dimensions and “out of array writes.”

Affected configurations

NVD

Node

libavlibavMatch0.8

libavlibavMatch0.8beta2

libavlibavMatch0.8.1

libavlibavMatch0.8.2

libavlibavMatch0.8.3

Node

libavlibavMatch0.7

libavlibavMatch0.7beta1

libavlibavMatch0.7beta2

libavlibavMatch0.7.1

libavlibavMatch0.7.2

libavlibavMatch0.7.3

libavlibavMatch0.7.4

libavlibavMatch0.7.5

libavlibavMatch0.7.6

Node

ffmpegffmpegRange≤0.10.4

ffmpegffmpegMatch0.3

ffmpegffmpegMatch0.3.1

ffmpegffmpegMatch0.3.2

ffmpegffmpegMatch0.3.3

ffmpegffmpegMatch0.3.4

ffmpegffmpegMatch0.4.0

ffmpegffmpegMatch0.4.2

ffmpegffmpegMatch0.4.3

ffmpegffmpegMatch0.4.4

ffmpegffmpegMatch0.4.5

ffmpegffmpegMatch0.4.6

ffmpegffmpegMatch0.4.7

ffmpegffmpegMatch0.4.8

ffmpegffmpegMatch0.4.9

ffmpegffmpegMatch0.4.9pre1

ffmpegffmpegMatch0.5

ffmpegffmpegMatch0.5.1

ffmpegffmpegMatch0.5.2

ffmpegffmpegMatch0.5.3

ffmpegffmpegMatch0.5.4

ffmpegffmpegMatch0.5.4.5

ffmpegffmpegMatch0.5.4.6

ffmpegffmpegMatch0.6

ffmpegffmpegMatch0.6.1

ffmpegffmpegMatch0.6.2

ffmpegffmpegMatch0.6.3

ffmpegffmpegMatch0.7

ffmpegffmpegMatch0.7.1

ffmpegffmpegMatch0.7.2

ffmpegffmpegMatch0.7.3

ffmpegffmpegMatch0.7.4

ffmpegffmpegMatch0.7.5

ffmpegffmpegMatch0.7.6

ffmpegffmpegMatch0.7.7

ffmpegffmpegMatch0.7.8

ffmpegffmpegMatch0.7.9

ffmpegffmpegMatch0.7.11

ffmpegffmpegMatch0.7.12

ffmpegffmpegMatch0.8.0

ffmpegffmpegMatch0.8.1

ffmpegffmpegMatch0.8.2

ffmpegffmpegMatch0.8.5

ffmpegffmpegMatch0.8.5.3

ffmpegffmpegMatch0.8.5.4

ffmpegffmpegMatch0.8.6

ffmpegffmpegMatch0.8.7

ffmpegffmpegMatch0.8.8

ffmpegffmpegMatch0.8.10

ffmpegffmpegMatch0.8.11

ffmpegffmpegMatch0.9

ffmpegffmpegMatch0.9.1

ffmpegffmpegMatch0.10

ffmpegffmpegMatch0.10.3

CPENameOperatorVersion
libav:libavlibaveq0.8
libav:libavlibaveq0.8.1
libav:libavlibaveq0.8.2
libav:libavlibaveq0.8.3

CPE	Name	Operator	Version
libav:libav	libav	eq	0.8
libav:libav	libav	eq	0.8.1
libav:libav	libav	eq	0.8.2
libav:libav	libav	eq	0.8.3

References

ffmpeg.org/security.html

git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=1df49142bab1b7bccd11392aa9e819e297d21a6e

libav.org/releases/libav-0.7.7.changelog

libav.org/releases/libav-0.8.4.changelog

libav.org/releases/libav-0.8.5.changelog

secunia.com/advisories/50468

secunia.com/advisories/51257

www.mandriva.com/security/advisories?name=MDVSA-2013:079

www.openwall.com/lists/oss-security/2012/08/31/3

www.openwall.com/lists/oss-security/2012/09/02/4

www.securityfocus.com/bid/55355

www.ubuntu.com/usn/USN-1705-1

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.2 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.7%

JSON

Related for CVE-2012-2801

cvelist1 debiancve1 nvd1 ubuntucve1 prion1 nessus9 openvas12 ubuntu4 debian1 securityvulns3 gentoo2 freebsd1