CVE-2012-2796

2012-09-1022:55:03

Debian Security Bug Tracker

security-tracker.debian.org

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.005

Percentile

77.0%

JSON

Unspecified vulnerability in the vc1_decode_frame function in libavcodec/vc1dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to inconsistencies in “coded slice positions and interlacing” that trigger “out of array writes.”

OSVersionArchitecturePackageVersionFilename
Debian12allffmpeg< 7:5.1.6-0+deb12u1ffmpeg_7:5.1.6-0+deb12u1_all.deb
Debian11allffmpeg< 7:4.3.7-0+deb11u1ffmpeg_7:4.3.7-0+deb11u1_all.deb
Debian999allffmpeg< 7:7.0.2-3ffmpeg_7:7.0.2-3_all.deb
Debian13allffmpeg< 7:7.0.2-3ffmpeg_7:7.0.2-3_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	ffmpeg	< 7:5.1.6-0+deb12u1	ffmpeg_7:5.1.6-0+deb12u1_all.deb
Debian	11	all	ffmpeg	< 7:4.3.7-0+deb11u1	ffmpeg_7:4.3.7-0+deb11u1_all.deb
Debian	999	all	ffmpeg	< 7:7.0.2-3	ffmpeg_7:7.0.2-3_all.deb
Debian	13	all	ffmpeg	< 7:7.0.2-3	ffmpeg_7:7.0.2-3_all.deb