CVE-2012-2796 Information

Description

Unspecified vulnerability in the vc1_decode_frame function in libavcodec/vc1dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors related to inconsistencies in \coded slice positions and interlacing\ that trigger \out of array writes.\

Reference

http://ffmpeg.org/security.html http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=5e59a77cec804a9b44c60ea22c17beba6453ef23 http://libav.org/releases/libav-0.8.4.changelog http://secunia.com/advisories/50468 http://secunia.com/advisories/51257 http://www.mandriva.com/security/advisories?name=MDVSA-2013:079 http://www.openwall.com/lists/oss-security/2012/08/31/3 http://www.openwall.com/lists/oss-security/2012/09/02/4 http://www.securityfocus.com/bid/55355