PT-2012-4274 · FFmpeg+1 · Ffmpeg+1
Publicado
2012-09-10
·
Atualizado
2018-10-30
·
CVE-2012-2803
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
FFmpeg versions prior to 0.11
Libav versions 0.7.x prior to 0.7.7
Libav versions 0.8.x prior to 0.8.5
Description
A double free vulnerability exists in the
mpeg decode frame function, located in libavcodec/mpeg12.c, which has unknown impact and attack vectors. This issue is related to resetting the data size value.Recommendations
For FFmpeg versions prior to 0.11, update to version 0.11 or later.
For Libav versions 0.7.x prior to 0.7.7, update to version 0.7.7 or later.
For Libav versions 0.8.x prior to 0.8.5, update to version 0.8.5 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ffmpeg
Libav