Published: 10/09/2012 Updated: 07/11/2023

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Unspecified vulnerability in the decode_dds1 function in libavcodec/dfa.c in FFmpeg prior to 0.11, and Libav 0.7.x prior to 0.7.7 and 0.8.x prior to 0.8.4, has unknown impact and attack vectors, related to an "out of array write."

Vulnerable Product	Search on Vulmon	Subscribe to Product
libav libav 0.8
libav libav 0.8.1
libav libav 0.8.2
libav libav 0.8.3
ffmpeg ffmpeg 0.7.7
ffmpeg ffmpeg 0.7.1
ffmpeg ffmpeg 0.7.6
ffmpeg ffmpeg 0.4.5
ffmpeg ffmpeg 0.10.3
ffmpeg ffmpeg 0.3.2
ffmpeg ffmpeg 0.8.6
ffmpeg ffmpeg 0.4.7
ffmpeg ffmpeg 0.6.1
ffmpeg ffmpeg 0.3.3
ffmpeg ffmpeg 0.7.5
ffmpeg ffmpeg 0.5.4.6
ffmpeg ffmpeg 0.3
ffmpeg ffmpeg 0.4.2
ffmpeg ffmpeg 0.5
ffmpeg ffmpeg 0.5.4
ffmpeg ffmpeg 0.9.1
ffmpeg ffmpeg 0.8.5.4
ffmpeg ffmpeg 0.8.5.3
ffmpeg ffmpeg 0.5.1
ffmpeg ffmpeg 0.8.5
ffmpeg ffmpeg 0.9
ffmpeg ffmpeg 0.3.1
ffmpeg ffmpeg 0.7.3
ffmpeg ffmpeg 0.4.9
ffmpeg ffmpeg 0.7.4
ffmpeg ffmpeg 0.8.0
ffmpeg ffmpeg 0.6
ffmpeg ffmpeg 0.5.3
ffmpeg ffmpeg 0.8.10
ffmpeg ffmpeg 0.4.4
ffmpeg ffmpeg 0.5.2
ffmpeg ffmpeg
ffmpeg ffmpeg 0.4.6
ffmpeg ffmpeg 0.3.4
ffmpeg ffmpeg 0.7.8
ffmpeg ffmpeg 0.4.0
ffmpeg ffmpeg 0.6.2
ffmpeg ffmpeg 0.8.7
ffmpeg ffmpeg 0.7.9
ffmpeg ffmpeg 0.5.4.5
ffmpeg ffmpeg 0.7
ffmpeg ffmpeg 0.7.12
ffmpeg ffmpeg 0.8.1
ffmpeg ffmpeg 0.4.8
ffmpeg ffmpeg 0.4.3
ffmpeg ffmpeg 0.6.3
ffmpeg ffmpeg 0.8.11
ffmpeg ffmpeg 0.10
ffmpeg ffmpeg 0.8.8
ffmpeg ffmpeg 0.8.2
ffmpeg ffmpeg 0.7.11
ffmpeg ffmpeg 0.7.2
libav libav 0.7
libav libav 0.7.4
libav libav 0.7.1
libav libav 0.7.2
libav libav 0.7.5
libav libav 0.7.3
libav libav 0.7.6

Debian Bug report logs - #688847 libav: multiple CVEs in ffmpeg/libav Package: src:libav; Maintainer for src:libav is Debian Multimedia Maintainers <pkg-multimedia-maintainers@listsaliothdebianorg>; Reported by: Yves-Alexis Perez <corsac@debianorg> Date: Wed, 26 Sep 2012 08:27:01 UTC Severity: grave Tags: securit ...

Debian Bug report logs - #694483 CVEs: CVE-2012-2882 CVE-2012-5359 CVE-2012-5360 CVE-2012-5361 Package: src:libav; Maintainer for src:libav is Debian Multimedia Maintainers <pkg-multimedia-maintainers@listsaliothdebianorg>; Reported by: Arne Wichmann <aw@linuxde> Date: Mon, 26 Nov 2012 19:42:01 UTC Severity: grav ...

Debian Bug report logs - #688849 ffmpeg/squeeze/stable: multiple CVEs that need further investigation Package: src:ffmpeg; Maintainer for src:ffmpeg is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Yves-Alexis Perez <corsac@debianorg> Date: Wed, 26 Sep 2012 08:27:01 UTC Severity: g ...

Libav could be made to crash or run programs as your login if it opened a specially crafted file ...

NVD-CWE-noinfo http://www.openwall.com/lists/oss-security/2012/09/02/4 http://libav.org/releases/libav-0.8.5.changelog http://libav.org/releases/libav-0.8.4.changelog http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=72b9537d8886f679494651df517dfed9b420cf1f http://www.securityfocus.com/bid/55355 http://www.mandriva.com/security/advisories?name=MDVSA-2013:079 http://www.openwall.com/lists/oss-security/2012/08/31/3 http://ffmpeg.org/security.html http://libav.org/releases/libav-0.7.7.changelog http://www.ubuntu.com/usn/USN-1705-1 http://secunia.com/advisories/50468 http://secunia.com/advisories/51257 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688847 https://usn.ubuntu.com/1705-1/

CVE-2012-2798

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect