Launchpad.net

CVE 2012-0858

The Shorten codec (shorten.c) in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Shorten file, related to an "invalid free".

Related bugs and status

CVE-2012-0858 (Candidate) is related to these bugs:

Bug #960949: FFe: New Upstream bug and security release 0.8.1

Summary				In	Importance	Status
	960949	FFe: New Upstream bug and security release 0.8.1		libav (Ubuntu)	Medium	Fix Released
	960949	FFe: New Upstream bug and security release 0.8.1		libav-extra (Ubuntu)	Medium	Fix Released

Bug #1012132: June libav/ffmpeg security update tracking bug

		In	Importance	Status
1012132	June libav/ffmpeg security update tracking bug	libav (Ubuntu)	Medium	Fix Released
1012132	June libav/ffmpeg security update tracking bug	libav (Ubuntu Lucid)	Undecided	Invalid
1012132	June libav/ffmpeg security update tracking bug	libav (Ubuntu Natty)	Medium	Fix Released
1012132	June libav/ffmpeg security update tracking bug	libav (Ubuntu Quantal)	Medium	Fix Released
1012132	June libav/ffmpeg security update tracking bug	libav (Ubuntu Precise)	Medium	Fix Released
1012132	June libav/ffmpeg security update tracking bug	libav (Ubuntu Oneiric)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2012-0858

Related bugs and status

Related bugs

References