CVE-2012-2794 | Vulnerability Database | Aqua Security

Unspecified vulnerability in the decode_mb_info function in libavcodec/indeo5.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors in which the allocated tile size … mismatches parameters.

Affected Software

Name	Vendor	Start Version	End Version
Libav	Libav	0.7 (including)	0.7 (including)
Libav	Libav	0.7-beta1 (including)	0.7-beta1 (including)
Libav	Libav	0.7-beta2 (including)	0.7-beta2 (including)
Libav	Libav	0.7.1 (including)	0.7.1 (including)
Libav	Libav	0.7.2 (including)	0.7.2 (including)
Libav	Libav	0.7.3 (including)	0.7.3 (including)
Libav	Libav	0.7.4 (including)	0.7.4 (including)
Libav	Libav	0.7.5 (including)	0.7.5 (including)
Libav	Libav	0.7.6 (including)	0.7.6 (including)
Ffmpeg	Ubuntu	hardy	*
Ffmpeg	Ubuntu	upstream	*
Libav	Ubuntu	natty	*
Libav	Ubuntu	oneiric	*
Libav	Ubuntu	precise	*
Libav	Ubuntu	quantal	*
Libav-extra	Ubuntu	natty	*
Libav-extra	Ubuntu	oneiric	*
Libav-extra	Ubuntu	precise	*
Libav-extra	Ubuntu	quantal	*

References

http://ffmpeg.org/security.html
http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=5ad7335ebac2b38bb2a1c8df51a500b78461c05a
http://libav.org/releases/libav-0.7.7.changelog
http://libav.org/releases/libav-0.8.4.changelog
http://secunia.com/advisories/50468
http://secunia.com/advisories/51257
http://www.mandriva.com/security/advisories?name=MDVSA-2013:079
http://www.openwall.com/lists/oss-security/2012/08/31/3
http://www.openwall.com/lists/oss-security/2012/09/02/4
http://www.securityfocus.com/bid/55355

NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-2794
CWE	https://cwe.mitre.org/data/definitions/.html