Lucene search

[email protected]NVD:CVE-2012-2803

HistorySep 10, 2012 - 10:55 p.m.

CVE-2012-2803

2012-09-1022:55:04

CWE-399

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.3 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.5%

JSON

Double free vulnerability in the mpeg_decode_frame function in libavcodec/mpeg12.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impact and attack vectors, related to resetting the data size value.

Affected configurations

NVD

Node

libavlibavMatch0.8

libavlibavMatch0.8beta2

libavlibavMatch0.8.1

libavlibavMatch0.8.2

libavlibavMatch0.8.3

libavlibavMatch0.8.4

Node

ffmpegffmpegRange≤0.10.4

ffmpegffmpegMatch0.3

ffmpegffmpegMatch0.3.1

ffmpegffmpegMatch0.3.2

ffmpegffmpegMatch0.3.3

ffmpegffmpegMatch0.3.4

ffmpegffmpegMatch0.4.0

ffmpegffmpegMatch0.4.2

ffmpegffmpegMatch0.4.3

ffmpegffmpegMatch0.4.4

ffmpegffmpegMatch0.4.5

ffmpegffmpegMatch0.4.6

ffmpegffmpegMatch0.4.7

ffmpegffmpegMatch0.4.8

ffmpegffmpegMatch0.4.9

ffmpegffmpegMatch0.4.9pre1

ffmpegffmpegMatch0.5

ffmpegffmpegMatch0.5.1

ffmpegffmpegMatch0.5.2

ffmpegffmpegMatch0.5.3

ffmpegffmpegMatch0.5.4

ffmpegffmpegMatch0.5.4.5

ffmpegffmpegMatch0.5.4.6

ffmpegffmpegMatch0.6

ffmpegffmpegMatch0.6.1

ffmpegffmpegMatch0.6.2

ffmpegffmpegMatch0.6.3

ffmpegffmpegMatch0.7

ffmpegffmpegMatch0.7.1

ffmpegffmpegMatch0.7.2

ffmpegffmpegMatch0.7.3

ffmpegffmpegMatch0.7.4

ffmpegffmpegMatch0.7.5

ffmpegffmpegMatch0.7.6

ffmpegffmpegMatch0.7.7

ffmpegffmpegMatch0.7.8

ffmpegffmpegMatch0.7.9

ffmpegffmpegMatch0.7.11

ffmpegffmpegMatch0.7.12

ffmpegffmpegMatch0.8.0

ffmpegffmpegMatch0.8.1

ffmpegffmpegMatch0.8.2

ffmpegffmpegMatch0.8.5

ffmpegffmpegMatch0.8.5.3

ffmpegffmpegMatch0.8.5.4

ffmpegffmpegMatch0.8.6

ffmpegffmpegMatch0.8.7

ffmpegffmpegMatch0.8.8

ffmpegffmpegMatch0.8.10

ffmpegffmpegMatch0.8.11

ffmpegffmpegMatch0.9

ffmpegffmpegMatch0.9.1

ffmpegffmpegMatch0.10

ffmpegffmpegMatch0.10.3

Node

libavlibavMatch0.7

libavlibavMatch0.7beta1

libavlibavMatch0.7beta2

libavlibavMatch0.7.1

libavlibavMatch0.7.2

libavlibavMatch0.7.3

libavlibavMatch0.7.4

libavlibavMatch0.7.5

libavlibavMatch0.7.6

References

ffmpeg.org/security.html

git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=951cbea56fdc03ef96d07fbd7e5bed755d42ac8a

libav.org/releases/libav-0.7.7.changelog

libav.org/releases/libav-0.8.5.changelog

secunia.com/advisories/50468

www.openwall.com/lists/oss-security/2012/08/31/3

www.openwall.com/lists/oss-security/2012/09/02/4

www.securityfocus.com/bid/55355

www.ubuntu.com/usn/USN-1705-1

www.ubuntu.com/usn/USN-1706-1

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.3 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.5%

JSON

Related for NVD:CVE-2012-2803

debiancve1 cve1 ubuntucve1 prion1 cvelist1 ubuntu2 openvas8 nessus6 debian1 securityvulns2 gentoo2 freebsd1