CVE-2012-0848
FFmpeg 0.9.1 - Heap-Based Buffer Overflow in ws_snd_decode_frame
Title source: llmDescription
Heap-based buffer overflow in the ws_snd_decode_frame function in libavcodec/ws-snd1.c in FFmpeg 0.9.1 allows remote attackers to cause a denial of service (application crash) via a crafted media file, related to an incorrect calculation, aka "wrong samples count."
References (5)
Core 5
Core References
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/02/14/4
Patch x_refsource_confirm
http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=5257743aee0c3982f0079e6553aabc6aa39401d2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/78936
Various Sources x_refsource_confirm
http://ffmpeg.org/security.html
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/02/01/11
Scores
EPSS
0.0091
EPSS Percentile
76.0%
Details
CWE
CWE-119
Status
published
Products (1)
ffmpeg/ffmpeg
0.9.1
Published
Aug 20, 2012
Tracked Since
Feb 18, 2026