Vulnerabilities > CVE-2012-2796

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

Unspecified vulnerability in the vc1_decode_frame function in libavcodec/vc1dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to inconsistencies in "coded slice positions and interlacing" that trigger "out of array writes."

Vulnerable Configurations

Part Description Count
Application
Ffmpeg
90
Application
Libav
5

Nessus

  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201310-12.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201310-12 (FFmpeg: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in FFmpeg. Please review the CVE identifiers and FFmpeg changelogs referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted media file, possibly leading to the execution of arbitrary code with the privileges of the user running the application or a Denial of Service. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id70647
    published2013-10-27
    reporterThis script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/70647
    titleGLSA-201310-12 : FFmpeg: Multiple vulnerabilities
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2013-079.NASL
    descriptionUpdated ffmpeg packages fix security vulnerabilities : h264: Add check for invalid chroma_format_idc (CVE-2012-0851) h263dec: Disallow width/height changing with frame threads (CVE-2011-3937) vc1dec: check that coded slice positions and interlacing match. This fixes out of array writes (CVE-2012-2796) alsdec: fix number of decoded samples in first sub-block in BGMC mode (CVE-2012-2790) cavsdec: check for changing w/h. Our decoder does not support changing w/h (CVE-2012-2777, CVE-2012-2784) indeo4: update AVCodecContext width/height on size change (CVE-2012-2787) avidec: use actually read size instead of requested size (CVE-2012-2788) wmaprodec: check num_vec_coeffs for validity (CVE-2012-2789) lagarith: check count before writing zeros (CVE-2012-2793) indeo3: fix out of cell write (CVE-2012-2776) indeo5: check tile size in decode_mb_info\(\). This prevents writing into a too small array if some parameters changed without the tile being reallocated (CVE-2012-2794) indeo5dec: Make sure we have had a valid gop header. This prevents decoding happening on a half initialized context (CVE-2012-2779) indeo4/5: check empty tile size in decode_mb_info\(\). This prevents writing into a too small array if some parameters changed without the tile being reallocated (CVE-2012-2800) dfa: improve boundary checks in decode_dds1\(\) (CVE-2012-2798) dfa: check that the caller set width/height properly (CVE-2012-2786) avsdec: Set dimensions instead of relying on the demuxer. The decode function assumes that the video will have those dimensions (CVE-2012-2801) ac3dec: ensure get_buffer\(\) gets a buffer for the correct number of channels (CVE-2012-2802) rv34: error out on size changes with frame threading (CVE-2012-2772) alsdec: check opt_order. Fixes out of array write in quant_cof. Also make sure no invalid opt_order stays in the context (CVE-2012-2775) This updates ffmpeg to version 0.10.6 which contains the security fixes above as well as other bug fixes.
    last seen2020-06-01
    modified2020-06-02
    plugin id66093
    published2013-04-20
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/66093
    titleMandriva Linux Security Advisory : ffmpeg (MDVSA-2013:079)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201406-28.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201406-28 (Libav: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Libav. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted media file in an application linked against Libav, possibly resulting in execution of arbitrary code with the privileges of the application or a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id76272
    published2014-06-27
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/76272
    titleGLSA-201406-28 : Libav: Multiple vulnerabilities
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1630-1.NASL
    descriptionIt was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id62900
    published2012-11-13
    reporterUbuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62900
    titleUbuntu 12.04 LTS / 12.10 : libav vulnerabilities (USN-1630-1)