Published: 12/12/2012 Updated: 07/11/2023

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Google Chrome prior to 23.0.1271.97, and Libav 0.7.x prior to 0.7.7 and 0.8.x prior to 0.8.5, do not properly perform AAC decoding, which allows remote malicious users to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an off-by-one overwrite when switching to LTP profile from MAIN."

Vulnerable Product	Search on Vulmon	Subscribe to Product
canonical ubuntu linux 12.04
canonical ubuntu linux 11.10
canonical ubuntu linux 12.10
libav libav 0.8
libav libav 0.8.1
libav libav 0.8.2
libav libav 0.8.3
libav libav 0.8.4
google chrome 23.0.1271.87
google chrome 23.0.1271.58
google chrome 23.0.1271.19
google chrome 23.0.1271.51
google chrome 23.0.1271.45
google chrome 23.0.1271.18
google chrome 23.0.1271.17
google chrome 23.0.1271.92
google chrome 23.0.1271.8
google chrome 23.0.1271.61
google chrome 23.0.1271.86
google chrome 23.0.1271.23
google chrome 23.0.1271.12
google chrome 23.0.1271.49
google chrome 23.0.1271.0
google chrome 23.0.1271.1
google chrome 23.0.1271.3
google chrome 23.0.1271.6
google chrome 23.0.1271.10
google chrome 23.0.1271.46
google chrome 23.0.1271.52
google chrome 23.0.1271.54
google chrome 23.0.1271.15
google chrome 23.0.1271.88
google chrome 23.0.1271.39
google chrome 23.0.1271.85
google chrome 23.0.1271.55
google chrome 23.0.1271.91
google chrome 23.0.1271.57
google chrome 23.0.1271.14
google chrome 23.0.1271.84
google chrome 23.0.1271.26
google chrome 23.0.1271.31
google chrome 23.0.1271.93
google chrome 23.0.1271.59
google chrome 23.0.1271.9
google chrome 23.0.1271.24
google chrome 23.0.1271.62
google chrome 23.0.1271.2
google chrome 23.0.1271.7
google chrome 23.0.1271.22
google chrome 23.0.1271.37
google chrome 23.0.1271.56
google chrome 23.0.1271.40
google chrome 23.0.1271.30
google chrome 23.0.1271.60
google chrome 23.0.1271.35
google chrome 23.0.1271.36
google chrome 23.0.1271.13
google chrome 23.0.1271.11
google chrome 23.0.1271.94
google chrome 23.0.1271.21
google chrome 23.0.1271.33
google chrome 23.0.1271.64
google chrome 23.0.1271.53
google chrome
google chrome 23.0.1271.41
google chrome 23.0.1271.95
google chrome 23.0.1271.4
google chrome 23.0.1271.20
google chrome 23.0.1271.16
google chrome 23.0.1271.38
google chrome 23.0.1271.83
google chrome 23.0.1271.44
google chrome 23.0.1271.50
google chrome 23.0.1271.32
google chrome 23.0.1271.5
google chrome 23.0.1271.89
opensuse opensuse 12.2
opensuse opensuse 12.1
libav libav 0.7
libav libav 0.7.4
libav libav 0.7.1
libav libav 0.7.2
libav libav 0.7.5
libav libav 0.7.3
libav libav 0.7.6

Debian Bug report logs - #694483 CVEs: CVE-2012-2882 CVE-2012-5359 CVE-2012-5360 CVE-2012-5361 Package: src:libav; Maintainer for src:libav is Debian Multimedia Maintainers <pkg-multimedia-maintainers@listsaliothdebianorg>; Reported by: Arne Wichmann <aw@linuxde> Date: Mon, 26 Nov 2012 19:42:01 UTC Severity: grav ...

Libav could be made to crash or run programs as your login if it opened a specially crafted file ...

CWE-119 http://libav.org/releases/libav-0.8.5.changelog https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16007 http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html https://code.google.com/p/chromium/issues/detail?id=161639 http://lists.opensuse.org/opensuse-updates/2012-12/msg00073.html http://libav.org/releases/libav-0.7.7.changelog http://www.ubuntu.com/usn/USN-1705-1 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694483 https://usn.ubuntu.com/1705-1/https://nvd.nist.gov

Get Started

CVE-2012-5144

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect