Lucene search
MitreCVE-2012-6618HistoryDec 24, 2013 - 8:55 p.m.
CVE-2012-6618
2013-12-2420:55:04
CWE-119
mitre
web.nvd.nist.gov
30
cve-2012-6618
av_probe_input_buffer
libavformat
ffmpeg
denial of service
crash
mp3 file
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
AI Score
6.7
Confidence
High
EPSS
0.019
Percentile
88.8%
The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related to frame size or lack of sufficient “frames to estimate rate.”
Affected configurations
Node
ffmpegffmpegRange≤1.0.1
ORffmpegffmpegMatch1.0
References
Related
nvd
nvd
CVE-2012-6618
2013-12-24 20:55:04
openvas
openvas
Debian: Security Advisory (DSA-2947-1)
2014-06-03 00:00:00
Debian Security Advisory DSA 2947-1 (libav - security update)
2014-06-04 00:00:00
osv
osv
libav - security update
2014-06-04 00:00:00
libav-tools-12.3-1.17 on GA media
2024-06-15 00:00:00
cvelist
cvelist
CVE-2012-6618
2013-12-24 20:00:00
debiancve
debiancve
CVE-2012-6618
2013-12-24 20:55:04
ubuntucve
ubuntucve
CVE-2012-6618
2013-12-24 00:00:00
prion
prion
Design/Logic Flaw
2013-12-24 20:55:00
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
AI Score
6.7
Confidence
High
EPSS
0.019
Percentile
88.8%
Related for CVE-2012-6618