CVE-2012-0849

2012-08-28 01:55:01 2018-10-30 17:25:34

Integer overflow in the ff_j2k_dwt_init function in libavcodec/j2k_dwt.c in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted JPEG2000 image that triggers an incorrect check for a negative value.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL

FFmpeg 0.8.10 FFmpeg 0.8.8 FFmpeg 0.8.7 FFmpeg 0.8.6 FFmpeg 0.8.5 FFmpeg 0.8.2 FFmpeg 0.8.1 FFmpeg 0.8.0 FFmpeg 0.7.12 FFmpeg 0.7.11 FFmpeg 0.7.9 FFmpeg 0.7.8 FFmpeg 0.7.7 FFmpeg 0.7.6 FFmpeg 0.7.3 FFmpeg 0.7.2 FFmpeg 0.7.1 FFmpeg 0.7 FFmpeg 0.6.2 FFmpeg 0.6.1 FFmpeg 0.6 FFmpeg 0.5.4 FFmpeg 0.5.3 FFmpeg 0.5.2 FFmpeg 0.5.1 FFmpeg 0.5 FFmpeg 0.4.9 pre1 Ffmpeg Ffmpeg 0.4.9 (not an official CPE) FFmpeg 0.4.8 FFmpeg 0.4.7 FFmpeg 0.4.6 FFmpeg 0.4.5 FFmpeg 0.4.4 FFmpeg 0.4.3 FFmpeg 0.4.2 FFmpeg 0.4.0 FFmpeg 0.3.4 FFmpeg FFmpeg 0.9 FFmpeg 0.8.11 FFmpeg 0.3.3 FFmpeg 0.3.2 FFmpeg 0.3.1 FFmpeg 0.3

Ffmpeg - Ffmpeg

Advisory	Patch	Confirmed	Link
			ffmpeg-ffj2kdwtinit-dos(78935)
			[oss-security] 20120214 Re: CVE Requests for FFmpeg 0.9....
			[oss-security] 20120201 Re: CVE Requests for FFmpeg 0.9....
			http://www.ffmpeg.org/trac/ffmpeg/ticket/776
			http://git.videolan.org/?p=ffmpeg.git;a=commit;h=1f99939...
			http://ffmpeg.org/security.html

CVE-2012-0849

2012-08-28 01:55:01 2018-10-30 17:25:34

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)