CVE-2012-0947
- Source
- https://cve.org/CVERecord?id=CVE-2012-0947
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2012-0947.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2012-0947
- Downstream
- Published
- 2012-08-20T18:55:02Z
- Modified
- 2025-08-09T19:01:27Z
- Summary
- [none]
- Details
-
Heap-based buffer overflow in the vqadecodechunk function in the VQA codec (vqavideo.c) in libavcodec in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VQA media file in which the image size is not a multiple of the block size.
- References
-
- http://secunia.com/advisories/49089
- http://www.debian.org/security/2012/dsa-2471
- http://www.ubuntu.com/usn/USN-1479-1
- https://bugs.launchpad.net/ubuntu/+source/libav/+bug/980963
- http://git.libav.org/?p=libav.git%3Ba=commit%3Bh=58b2e0f0f2fc96c1158e04f8aba95cbe6157a1a3
- http://libav.org/
- http://www.openwall.com/lists/oss-security/2012/05/03/4
- http://www.securityfocus.com/bid/53389