6.8

CVE-2012-0858

The Shorten codec (shorten.c) in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Shorten file, related to an "invalid free".
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FfmpegFfmpeg Version0.7.1
FfmpegFfmpeg Version0.7.2
FfmpegFfmpeg Version0.7.6
FfmpegFfmpeg Version0.7.7
FfmpegFfmpeg Version0.7.8
FfmpegFfmpeg Version0.7.9
FfmpegFfmpeg Version0.7.11
FfmpegFfmpeg Version0.8.5
FfmpegFfmpeg Version0.8.6
FfmpegFfmpeg Version0.8.7
FfmpegFfmpeg Version0.8.8
FfmpegFfmpeg Version0.8.10
LibavLibav Version0.5
LibavLibav Version0.5.1
LibavLibav Version0.5.2
LibavLibav Version0.5.3
LibavLibav Version0.5.4
LibavLibav Version0.5.5
LibavLibav Version0.5.6
LibavLibav Version0.5.7
LibavLibav Version0.6
LibavLibav Version0.6.1
LibavLibav Version0.6.2
LibavLibav Version0.6.3
LibavLibav Version0.6.4
LibavLibav Version0.6.5
LibavLibav Version0.7
LibavLibav Version0.7.1
LibavLibav Version0.7.2
LibavLibav Version0.7.3
LibavLibav Version0.7.4
LibavLibav Version0.8
LibavLibav Version0.8 Updatebeta2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.8% 0.848
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://ffmpeg.org/
Vendor Advisory
http://libav.org/
Vendor Advisory