PT-2012-4262 · FFmpeg+1 · Ffmpeg+1

Published

2012-09-10

Updated

2018-10-30

CVE-2012-2791

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions FFmpeg versions prior to 0.11 Libav versions 0.7.x prior to 0.7.7 Libav versions 0.8.x prior to 0.8.5

Description The issue is related to multiple unspecified vulnerabilities in the decode band hdr function in indeo4.c and the ff ivi decode blocks function in ivi common.c in libavcodec. These vulnerabilities are related to the "transform size" and have unknown impact and attack vectors.

Recommendations For FFmpeg versions prior to 0.11, update to version 0.11 or later. For Libav versions 0.7.x prior to 0.7.7, update to version 0.7.7 or later. For Libav versions 0.8.x prior to 0.8.5, update to version 0.8.5 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2012-2791

Affected Products

Ffmpeg

Libav

PT-2012-4262 · FFmpeg+1 · Ffmpeg+1

CVE-2012-2791

Related Identifiers

Affected Products

References · 10