CVE-2012-0947

Name of the Vulnerable Software and Affected Versions Libav versions 0.5.x through 0.5.8 Libav versions 0.6.x through 0.6.5 Libav versions 0.7.x through 0.7.5 Libav versions 0.8.x through 0.8.1

Description The issue is related to a heap-based buffer overflow in the vqa decode chunk function within the VQA codec of libavcodec. This can be triggered by remote attackers using a crafted VQA media file where the image size is not a multiple of the block size, potentially leading to a denial of service or arbitrary code execution.

Recommendations For Libav versions 0.5.x through 0.5.8, update to version 0.5.9 or later. For Libav versions 0.6.x through 0.6.5, update to version 0.6.6 or later. For Libav versions 0.7.x through 0.7.5, update to version 0.7.6 or later. For Libav versions 0.8.x through 0.8.1, update to version 0.8.2 or later.