CVE Reference: CVE-2012-2795

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2012-2795

Description:
Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 have unknown impact and attack vectors related to (1) size of "mclms arrays," (2) "a get_bits(0) in decode_ac_filter," and (3) "too many bits in decode_channel_residues()."

CVE Status:
Candidate

References:

SAID
  Secunia Advisory: SA50468

MLIST
  http://www.openwall.com/lists/oss-security/2012/08/31/3
  http://www.openwall.com/lists/oss-security/2012/09/02/4

CONFIRM
  http://ffmpeg.org/security.html
  http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=2a7063de547b1d8fb1cef523469390fb59fb2c50
  http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a0abefb0af64a311b15141062c77dd577ba590a3
  http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=b3a43515827f3d22a881c33b87384f01c86786fd

BID
  55355


Return to the previous page.