Lucene search

[email protected]CVE-2012-6615

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-6615

2022-10-0316:15:29

[email protected]

web.nvd.nist.gov

cve-2012-6615

ffmpeg

libavcodec

denial of service

null pointer dereference

crash

subtitle dialog

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.8 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.3%

JSON

The ff_ass_split_override_codes function in libavcodec/ass_split.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a subtitle dialog without text.

Affected configurations

NVD

Node

ffmpegffmpegRange≤1.0.1

ffmpegffmpegMatch1.0

CPENameOperatorVersion
ffmpeg:ffmpegffmpegle1.0.1
ffmpeg:ffmpegffmpegeq1.0

CPE	Name	Operator	Version
ffmpeg:ffmpeg	ffmpeg	le	1.0.1
ffmpeg:ffmpeg	ffmpeg	eq	1.0

References

git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=20c121c00747d6c3b0b0f98deeff021171b2ed74

secunia.com/advisories/51964

www.ffmpeg.org/security.html

www.osvdb.org/89592

trac.ffmpeg.org/ticket/2048

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.8 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.3%

JSON

Related for CVE-2012-6615

ubuntucve1 nvd1 prion1 cvelist1 debiancve1