CVE-2012-2795

Name of the Vulnerable Software and Affected Versions FFmpeg versions prior to 0.11

Description The issue involves multiple unspecified vulnerabilities in the libavcodec/wmalosslessdec.c component of FFmpeg. These vulnerabilities are related to three main areas: (1) the size of mclms arrays, (2) a get bits(0) call in the decode ac filter function, and (3) the handling of too many bits in the decode channel residues function. The impact and attack vectors of these vulnerabilities are not specified.

Recommendations For FFmpeg versions prior to 0.11, update to version 0.11 or later to resolve the issue.