QwikSec

Security Database

CVE

CWE

Training

CVE-2012-0856

Published: Aug 20, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

Heap-based buffer overflow in the MPV_frame_start function in libavcodec/mpegvideo.c in FFmpeg before 0.9.1, when the lowres option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted H263 media file. NOTE: this vulnerability exists because of a regression error.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://ffmpeg.org/trac/ffmpeg/ticket/757

x_refsource_CONFIRM

http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=21270cffaeab2f67a613907516b2b0cd6c9eacf4

x_refsource_CONFIRM

[oss-security] 20120214 Re: CVE Requests for FFmpeg 0.9.1

mailing-list

x_refsource_MLIST

ffmpeg-mpvframestart-bo(78928)

vdb-entry

x_refsource_XF

http://ffmpeg.org/security.html

x_refsource_CONFIRM

[oss-security] 20120201 Re: CVE Requests for FFmpeg 0.9.1

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.