CVE-2012-2775

2012-09-1022:55:03

Debian Security Bug Tracker

security-tracker.debian.org

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.006

Percentile

78.6%

JSON

Unspecified vulnerability in the read_var_block_data function in libavcodec/alsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to a large order and an “out of array write in quant_cof.”

OSVersionArchitecturePackageVersionFilename
Debian12allffmpeg< 7:2.4.1-1ffmpeg_7:2.4.1-1_all.deb
Debian11allffmpeg< 7:2.4.1-1ffmpeg_7:2.4.1-1_all.deb
Debian999allffmpeg< 7:2.4.1-1ffmpeg_7:2.4.1-1_all.deb
Debian13allffmpeg< 7:2.4.1-1ffmpeg_7:2.4.1-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	ffmpeg	< 7:2.4.1-1	ffmpeg_7:2.4.1-1_all.deb
Debian	11	all	ffmpeg	< 7:2.4.1-1	ffmpeg_7:2.4.1-1_all.deb
Debian	999	all	ffmpeg	< 7:2.4.1-1	ffmpeg_7:2.4.1-1_all.deb
Debian	13	all	ffmpeg	< 7:2.4.1-1	ffmpeg_7:2.4.1-1_all.deb