CVE-2012-2787

Published: 10 September 2012

Unspecified vulnerability in the decode_frame function in libavcodec/indeo4.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "setup width/height."

Notes

Author	Note
mdeslaur	ffmpeg-extra in multiverse needs to have matching version libav-extra is built with tarball produced by libav package no indeo4.c in 0.7.x and older

Priority

Status

Package	Release	Status
ffmpeg Launchpad, Ubuntu, Debian	hardy	Ignored (end of life)
	lucid	Not vulnerable (code not present)
	natty	Does not exist
	oneiric	Does not exist
	precise	Does not exist
	quantal	Does not exist
	upstream	Needs triage
	Patches: upstream: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=01bf2ad7351fdaa2e21b6bdf963d22d6ffccb920
ffmpeg-extra Launchpad, Ubuntu, Debian	hardy	Does not exist
	lucid	Not vulnerable (code not present)
	natty	Does not exist
	oneiric	Does not exist
	precise	Does not exist
	quantal	Does not exist
	upstream	Needs triage
libav Launchpad, Ubuntu, Debian	hardy	Does not exist
	lucid	Does not exist
	natty	Ignored (end of life)
	oneiric	Not vulnerable (code not present)
	precise	Released (4:0.8.4-0ubuntu0.12.04.1)
	quantal	Released (6:0.8.4-0ubuntu0.12.10.1)
	upstream	Needs triage
	Patches: upstream: http://git.libav.org/?p=libav.git;a=commitdiff;h=b146d74730ab9ec5abede9066f770ad851e45fbc
libav-extra Launchpad, Ubuntu, Debian	hardy	Does not exist
	lucid	Does not exist
	natty	Ignored (end of life)
	oneiric	Not vulnerable (code not present)
	precise	Released (4:0.8.4ubuntu0.12.04.1)
	quantal	Released (6:0.8.4ubuntu0.12.10.1)
	upstream	Needs triage

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›