Lucene search
Ubuntu.comUB:CVE-2012-0854HistoryAug 20, 2012 - 12:00 a.m.
CVE-2012-0854
2012-08-2000:00:00
ubuntu.com
ubuntu.com
10
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.007
Percentile
80.8%
The dpcm_decode_frame function in libavcodec/dpcm.c in FFmpeg before 0.9.1
does not use the proper pointer after an audio API change, which allows
remote attackers to cause a denial of service (application crash) via
unspecified vectors, which triggers a heap-based buffer overflow.
Notes
| Author | Note |
|---|---|
| jdstrand | from upstream, “Wrong pointer being used to write after recent audio API change.” |
| mdeslaur | doesn’t look like it affects libav 0.7 and older, and ffmpeg 0.5 |
Related
cve
cve
CVE-2012-0854
2012-08-20 19:55:05
debiancve
debiancve
CVE-2012-0854
2012-08-20 19:55:05
cvelist
cvelist
CVE-2012-0854
2012-08-20 19:00:00
nvd
nvd
CVE-2012-0854
2012-08-20 19:55:05
prion
prion
Heap overflow
2012-08-20 19:55:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.007
Percentile
80.8%
Related for UB:CVE-2012-0854