CVE-2012-0857
Published: 20 August 2012
Multiple buffer overflows in the get_qcx function in the J2K decoder (j2kdec.c) in libavcode in FFmpeg before 0.9.1 allow remote attackers to cause a denial of service (application crash) via unspecified vectors.
Notes
Author | Note |
---|---|
jdstrand | experimental code |
mdeslaur | code not present in libav and ffmpeg 0.5.x |
Priority
Status
Package | Release | Status |
---|---|---|
ffmpeg Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Not vulnerable
(code not present)
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
precise |
Does not exist
|
|
upstream |
Needs triage
|
|
This vulnerability is mitigated in part by the use of gcc's stack protector in Ubuntu. | ||
ffmpeg-extra Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Not vulnerable
(code not present)
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
precise |
Does not exist
|
|
upstream |
Needs triage
|
|
This vulnerability is mitigated in part by the use of gcc's stack protector in Ubuntu. | ||
libav Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Not vulnerable
(code not present)
|
|
oneiric |
Not vulnerable
(code not present)
|
|
precise |
Not vulnerable
(code not present)
|
|
upstream |
Needs triage
|
|
This vulnerability is mitigated in part by the use of gcc's stack protector in Ubuntu. | ||
libav-extra Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Not vulnerable
(code not present)
|
|
oneiric |
Not vulnerable
(code not present)
|
|
precise |
Not vulnerable
(code not present)
|
|
upstream |
Needs triage
|
|
This vulnerability is mitigated in part by the use of gcc's stack protector in Ubuntu. |