CVE-2012-0851
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2012-0851
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2012-0851.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2012-0851
- Downstream
- Published
- 2012-08-20T18:55:02Z
- Modified
- 2025-08-09T20:01:26Z
- Summary
- [none]
- Details
-
The ffh264decodeseqparameterset function in h264ps.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted H.264 file, related to the chromaformatidc value.
- References
-
- http://ffmpeg.org/trac/ffmpeg/ticket/758
- http://libav.org/
- http://www.debian.org/security/2012/dsa-2494
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:079
- http://www.ubuntu.com/usn/USN-1479-1
- http://ffmpeg.org/security.html
- http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=7fff64e00d886fde11d61958888c82b461cf99b9
- http://www.openwall.com/lists/oss-security/2012/02/14/4
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78933