Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2012-0859

The render_line function in the vorbis codec (vorbis.c) in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Vorbis file, related to a large multiplier. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3893.

  • Published: Aug 20, 2012
  • Updated: Nov 8, 2023
  • CVE: CVE-2012-0859
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
ffmpeg / ffmpeg 0.7.7 0.7.7.x
ffmpeg / ffmpeg 0.7.1 0.7.1.x
ffmpeg / ffmpeg 0.8.6 0.8.6.x
ffmpeg / ffmpeg - 0.9.x
ffmpeg / ffmpeg 0.8.5 0.8.5.x
ffmpeg / ffmpeg 0.8.10 0.8.10.x
ffmpeg / ffmpeg 0.7.8 0.7.8.x
ffmpeg / ffmpeg 0.8.7 0.8.7.x
ffmpeg / ffmpeg 0.7.9 0.7.9.x
ffmpeg / ffmpeg 0.7.12 0.7.12.x
ffmpeg / ffmpeg 0.8.11 0.8.11.x
ffmpeg / ffmpeg 0.8.8 0.8.8.x
ffmpeg / ffmpeg 0.7.11 0.7.11.x
ffmpeg / ffmpeg 0.7.2 0.7.2.x