Lucene search
HistoryAug 20, 2012 - 7:55 p.m.
CVE-2012-0850
cve-2012-0850
ffmpeg
libavcodec
denial of service
memory corruption
application crash
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
6.8 Medium
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
81.6%
The sbr_qmf_synthesis function in libavcodec/aacsbr.c in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (application crash) via a crafted mpg file that triggers memory corruption involving the v_off variable, probably a buffer underflow.
Affected configurations
Node
ffmpegffmpegRange≤0.9
ORffmpegffmpegMatch0.3
ORffmpegffmpegMatch0.3.1
ORffmpegffmpegMatch0.3.2
ORffmpegffmpegMatch0.3.3
ORffmpegffmpegMatch0.3.4
ORffmpegffmpegMatch0.4.0
ORffmpegffmpegMatch0.4.2
ORffmpegffmpegMatch0.4.3
ORffmpegffmpegMatch0.4.4
ORffmpegffmpegMatch0.4.5
ORffmpegffmpegMatch0.4.6
ORffmpegffmpegMatch0.4.7
ORffmpegffmpegMatch0.4.8
ORffmpegffmpegMatch0.4.9
ORffmpegffmpegMatch0.4.9pre1
ORffmpegffmpegMatch0.5
ORffmpegffmpegMatch0.5.1
ORffmpegffmpegMatch0.5.2
ORffmpegffmpegMatch0.5.3
ORffmpegffmpegMatch0.5.4
ORffmpegffmpegMatch0.6
ORffmpegffmpegMatch0.6.1
ORffmpegffmpegMatch0.6.2
ORffmpegffmpegMatch0.7
ORffmpegffmpegMatch0.7.1
ORffmpegffmpegMatch0.7.2
ORffmpegffmpegMatch0.7.3
ORffmpegffmpegMatch0.7.6
ORffmpegffmpegMatch0.7.7
ORffmpegffmpegMatch0.7.8
ORffmpegffmpegMatch0.7.9
ORffmpegffmpegMatch0.7.11
ORffmpegffmpegMatch0.7.12
ORffmpegffmpegMatch0.8.0
ORffmpegffmpegMatch0.8.1
ORffmpegffmpegMatch0.8.2
ORffmpegffmpegMatch0.8.5
ORffmpegffmpegMatch0.8.6
ORffmpegffmpegMatch0.8.7
ORffmpegffmpegMatch0.8.8
ORffmpegffmpegMatch0.8.10
ORffmpegffmpegMatch0.8.11
Related
prion
prion
Buffer overflow
2012-08-20 19:55:00
cvelist
cvelist
CVE-2012-0850
2012-08-20 19:00:00
ubuntucve
ubuntucve
CVE-2012-0850
2012-02-14 00:00:00
debiancve
debiancve
CVE-2012-0850
2012-08-20 19:55:04
nvd
nvd
CVE-2012-0850
2012-08-20 19:55:04
nessus
nessus
openvas
openvas
Ubuntu Update for libav USN-1478-1
2012-06-19 00:00:00
Ubuntu: Security Advisory (USN-1478-1)
2012-06-19 00:00:00
ubuntu
ubuntu
Libav vulnerabilities
2012-06-18 00:00:00
freebsd
freebsd
gstreamer-ffmpeg -- Multiple vulnerabilities in bundled libav
2013-08-20 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
6.8 Medium
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
81.6%
Related for CVE-2012-0850