Lucene search
Ubuntu.comUB:CVE-2012-0848HistoryFeb 14, 2012 - 12:00 a.m.
CVE-2012-0848
2012-02-1400:00:00
ubuntu.com
ubuntu.com
9
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
EPSS
0.014
Percentile
86.5%
Heap-based buffer overflow in the ws_snd_decode_frame function in
libavcodec/ws-snd1.c in FFmpeg 0.9.1 allows remote attackers to cause a
denial of service (application crash) via a crafted media file, related to
an incorrect calculation, aka “wrong samples count.”
Notes
| Author | Note |
|---|---|
| jdstrand | per upstream, “Simple case of amount written and check mismatching” |
| mdeslaur | code is different in ffmpeg 0.5.x and libav 0.6.x, probably not vulnerable |
Related
prion
prion
Heap overflow
2012-08-20 19:55:00
debiancve
debiancve
CVE-2012-0848
2012-08-20 19:55:04
nvd
nvd
CVE-2012-0848
2012-08-20 19:55:04
cve
cve
CVE-2012-0848
2012-08-20 19:55:04
cvelist
cvelist
CVE-2012-0848
2012-08-20 19:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201210-06 (libav)
2012-10-22 00:00:00
Gentoo Security Advisory GLSA 201210-06 (libav)
2012-10-22 00:00:00
Ubuntu Update for libav USN-1478-1
2012-06-19 00:00:00
nessus
nessus
GLSA-201210-06 : Libav: Multiple vulnerabilities
2012-10-22 00:00:00
Ubuntu 11.04 / 11.10 / 12.04 LTS : libav vulnerabilities (USN-1478-1)
2012-06-19 00:00:00
gentoo
gentoo
Libav: Multiple vulnerabilities
2012-10-20 00:00:00
ubuntu
ubuntu
Libav vulnerabilities
2012-06-18 00:00:00
freebsd
freebsd
gstreamer-ffmpeg -- Multiple vulnerabilities in bundled libav
2013-08-20 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
EPSS
0.014
Percentile
86.5%
Related for UB:CVE-2012-0848