VDB
CVE-2012-0855
CVE-2012-0855
PUBLISHED
CVSS 5 MEDIUM
Heap-based buffer overflow in the get_sot function in the J2K decoder (j2k.c) in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (application crash) via unspecified vectors related to the curtileno variable.
EPSS 1.33% · 80.3th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
1.33%
80.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ffmpeg | ffmpeg | 0.4.6, 0, 0.3 |
| n/a | n/a | n/a |
Exploit Intelligence
- http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=3eedf9f716733b3b4c5205726d2c1ca52b3d3d78 (circl)
- [oss-security] 20120214 Re: CVE Requests for FFmpeg 0.9.1 (circl)
- http://ffmpeg.org/security.html (circl)
- [oss-security] 20120201 Re: CVE Requests for FFmpeg 0.9.1 (circl)
- ffmpeg-getsot-bo(78929) (circl)
Timeline
- Aug 27, 2012 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=3eedf9f716733b3b4c5205726d2c1ca52b3d3d78 url
- [oss-security] 20120214 Re: CVE Requests for FFmpeg 0.9.1 mailing-list
- http://ffmpeg.org/security.html url
- [oss-security] 20120201 Re: CVE Requests for FFmpeg 0.9.1 mailing-list
- ffmpeg-getsot-bo(78929) vdb
- https://nvd.nist.gov/vuln/detail/CVE-2012-0855 advisory
- http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3eedf9f716733b3b4c5205726d2c1ca52b3d3d78 url