Published: 10/09/2012 Updated: 07/11/2023

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Unspecified vulnerability in the decode_mb_info function in libavcodec/indeo5.c in FFmpeg prior to 0.11, and Libav 0.7.x prior to 0.7.7 and 0.8.x prior to 0.8.4, has unknown impact and attack vectors in which the "allocated tile size ... mismatches parameters."

Vulnerable Product	Search on Vulmon	Subscribe to Product
libav libav 0.7
libav libav 0.7.4
libav libav 0.7.1
libav libav 0.7.2
libav libav 0.7.5
libav libav 0.7.3
libav libav 0.7.6
libav libav 0.8
libav libav 0.8.1
libav libav 0.8.2
libav libav 0.8.3
ffmpeg ffmpeg 0.7.7
ffmpeg ffmpeg 0.7.1
ffmpeg ffmpeg 0.7.6
ffmpeg ffmpeg 0.4.5
ffmpeg ffmpeg 0.10.3
ffmpeg ffmpeg 0.3.2
ffmpeg ffmpeg 0.8.6
ffmpeg ffmpeg 0.4.7
ffmpeg ffmpeg 0.6.1
ffmpeg ffmpeg 0.3.3
ffmpeg ffmpeg 0.7.5
ffmpeg ffmpeg 0.5.4.6
ffmpeg ffmpeg 0.3
ffmpeg ffmpeg 0.4.2
ffmpeg ffmpeg 0.5
ffmpeg ffmpeg 0.5.4
ffmpeg ffmpeg 0.9.1
ffmpeg ffmpeg 0.8.5.4
ffmpeg ffmpeg 0.8.5.3
ffmpeg ffmpeg 0.5.1
ffmpeg ffmpeg 0.8.5
ffmpeg ffmpeg 0.9
ffmpeg ffmpeg 0.3.1
ffmpeg ffmpeg 0.7.3
ffmpeg ffmpeg 0.4.9
ffmpeg ffmpeg 0.7.4
ffmpeg ffmpeg 0.8.0
ffmpeg ffmpeg 0.6
ffmpeg ffmpeg 0.5.3
ffmpeg ffmpeg 0.8.10
ffmpeg ffmpeg 0.4.4
ffmpeg ffmpeg 0.5.2
ffmpeg ffmpeg
ffmpeg ffmpeg 0.4.6
ffmpeg ffmpeg 0.3.4
ffmpeg ffmpeg 0.7.8
ffmpeg ffmpeg 0.4.0
ffmpeg ffmpeg 0.6.2
ffmpeg ffmpeg 0.8.7
ffmpeg ffmpeg 0.7.9
ffmpeg ffmpeg 0.5.4.5
ffmpeg ffmpeg 0.7
ffmpeg ffmpeg 0.7.12
ffmpeg ffmpeg 0.8.1
ffmpeg ffmpeg 0.4.8
ffmpeg ffmpeg 0.4.3
ffmpeg ffmpeg 0.6.3
ffmpeg ffmpeg 0.8.11
ffmpeg ffmpeg 0.10
ffmpeg ffmpeg 0.8.8
ffmpeg ffmpeg 0.8.2
ffmpeg ffmpeg 0.7.11
ffmpeg ffmpeg 0.7.2

Debian Bug report logs - #688847 libav: multiple CVEs in ffmpeg/libav Package: src:libav; Maintainer for src:libav is Debian Multimedia Maintainers <pkg-multimedia-maintainers@listsaliothdebianorg>; Reported by: Yves-Alexis Perez <corsac@debianorg> Date: Wed, 26 Sep 2012 08:27:01 UTC Severity: grave Tags: securit ...

Debian Bug report logs - #688849 ffmpeg/squeeze/stable: multiple CVEs that need further investigation Package: src:ffmpeg; Maintainer for src:ffmpeg is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Yves-Alexis Perez <corsac@debianorg> Date: Wed, 26 Sep 2012 08:27:01 UTC Severity: g ...

Libav could be made to crash or run programs as your login if it opened a specially crafted file ...

NVD-CWE-noinfo http://www.openwall.com/lists/oss-security/2012/09/02/4 http://libav.org/releases/libav-0.8.4.changelog http://www.securityfocus.com/bid/55355 http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=5ad7335ebac2b38bb2a1c8df51a500b78461c05a http://www.mandriva.com/security/advisories?name=MDVSA-2013:079 http://www.openwall.com/lists/oss-security/2012/08/31/3 http://ffmpeg.org/security.html http://libav.org/releases/libav-0.7.7.changelog http://secunia.com/advisories/50468 http://secunia.com/advisories/51257 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688847 https://usn.ubuntu.com/1630-1/

CVE-2012-2794

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect