SB2012091104 - Multiple vulnerabilities in ffmpeg.sourceforge.net FFmpeg
Published: September 11, 2012 Updated: August 11, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 6 secuirty vulnerabilities.
1) Input validation error (CVE-ID: CVE-2012-2799)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
Unspecified vulnerability in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the "put bit buffer when num_saved_bits is reset."
2) Buffer overflow (CVE-ID: CVE-2012-2774)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
The ff_MPV_frame_start function in libavcodec/mpegvideo.c in FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors, related to starting "a frame outside SETUP state."
3) Input validation error (CVE-ID: CVE-2012-2782)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
Unspecified vulnerability in the decode_slice_header function in libavcodec/h264.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to a "rejected resolution change."
4) Input validation error (CVE-ID: CVE-2012-2785)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 have unknown impact and attack vectors, related to (1) "some subframes only encode some channels" or (2) a large order value.
5) Input validation error (CVE-ID: CVE-2012-2792)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
Unspecified vulnerability in the decode_init function in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the samples per frame.
6) Input validation error (CVE-ID: CVE-2012-2795)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 have unknown impact and attack vectors related to (1) size of "mclms arrays," (2) "a get_bits(0) in decode_ac_filter," and (3) "too many bits in decode_channel_residues()."
Remediation
Install update from vendor's website.
References
- http://ffmpeg.org/security.html
- http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=64bd7f8e4db1742e86c5ed02bd530688b74063e3
- http://secunia.com/advisories/50468
- http://www.openwall.com/lists/oss-security/2012/08/31/3
- http://www.openwall.com/lists/oss-security/2012/09/02/4
- http://www.securityfocus.com/bid/55355
- http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=59a4b73531428d2f420b4dad545172c8483ced0f
- http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9a57a37b7041581c10629c8241260a5d7bfbc1e7
- http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=326f7a68bbd429c63fd2f19f4050658982b5b081
- http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d462949974668ffb013467d12dc4934b9106fe19
- http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d442c4462a2692e27a24e1a9d0eb6f18725c7bd8
- http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=2a7063de547b1d8fb1cef523469390fb59fb2c50
- http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a0abefb0af64a311b15141062c77dd577ba590a3
- http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=b3a43515827f3d22a881c33b87384f01c86786fd