Vulnerability Database
296,746
Total vulnerabilities in the database
CVE-2012-6618
The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related to frame size or lack of sufficient "frames to estimate rate."
| Software | From | Fixed in |
|---|---|---|
| ffmpeg / ffmpeg | 1.0 | 1.0.x |
| ffmpeg / ffmpeg | - | 1.0.1.x |
- http://article.gmane.org/gmane.comp.video.ffmpeg.user/42233
- http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v9.11
- http://git.libav.org/?p=libav.git%3Ba=blob%3Bf=Changelog%3Bhb=refs/tags/v9.11
- http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e74cd2f4706f71da5e9205003c1d8263b54ed3fb
- http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=e74cd2f4706f71da5e9205003c1d8263b54ed3fb
- http://secunia.com/advisories/51964
- http://www.ffmpeg.org/security.html
- https://trac.ffmpeg.org/ticket/1991
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime