CVE-2012-0858 (retired)

Priority
Description
The Shorten codec (shorten.c) in libavcodec in FFmpeg 0.7.x before 0.7.12
and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before
0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers
to cause a denial of service (application crash) and possibly execute
arbitrary code via a crafted Shorten file, related to an "invalid free".
Notes
 mdeslaur> as of 2012-05-22, no equivalent fix in ffmpeg 0.5.x
Assigned-to
mdeslaur
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Patches:
Upstream:18bcfc912e48bf77a5202a0e24a3b884b9b2ff2c
Upstream:http://git.videolan.org/?p=ffmpeg.git;a=commit;h=204cb29b3c84a74cbcd059d353c70c8bdc567d98
Upstream:http://git.videolan.org/?p=ffmpeg.git;a=commit;h=9e5e2c2d010c05c10337e9c1ec9d0d61495e0c9c (related)
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Package
Source: libav (LP Ubuntu Debian)
Upstream:released (0.6.6,0.7.5,0.8.1)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (4:0.8.1-0ubuntu2)
Patches:
Upstream:http://git.libav.org/?p=libav.git;a=commit;h=204cb29b3c84a74cbcd059d353c70c8bdc567d98
Upstream:http://git.libav.org/?p=libav.git;a=commit;h=9e5e2c2d010c05c10337e9c1ec9d0d61495e0c9c (related)
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (4:0.8.1ubuntu1)
More Information

Updated: 2019-03-26 12:00:48 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)