CVE-2012-5144

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2012-5144
Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an off-by-one overwrite when switching to LTP profile from MAIN."

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html
http://libav.org/releases/libav-0.7.7.changelog
http://libav.org/releases/libav-0.8.5.changelog
http://lists.opensuse.org/opensuse-updates/2012-12/msg00073.html
http://www.ubuntu.com/usn/USN-1705-1
https://code.google.com/p/chromium/issues/detail?id=161639
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16007
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:libav:libav:0.8:*:*:*:*:*:*:*
cpe:2.3:a:libav:libav:0.8:beta2:*:*:*:*:*:*
cpe:2.3:a:libav:libav:0.8.1:*:*:*:*:*:*:*
cpe:2.3:a:libav:libav:0.8.2:*:*:*:*:*:*:*
cpe:2.3:a:libav:libav:0.8.3:*:*:*:*:*:*:*
cpe:2.3:a:libav:libav:0.8.4:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.0:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.1:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.2:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.3:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.4:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.5:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.6:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.7:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.8:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.9:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.10:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.11:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.12:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.13:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.14:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.15:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.16:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.17:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.18:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.19:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.20:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.21:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.22:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.23:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.24:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.26:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.30:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.31:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.32:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.33:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.35:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.36:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.37:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.38:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.39:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.40:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.41:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.44:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.45:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.46:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.49:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.50:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.51:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.52:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.53:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.54:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.55:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.56:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.57:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.58:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.59:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.60:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.61:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.62:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.64:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.83:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.84:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.85:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.86:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.87:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.88:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.89:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.91:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.92:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.93:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.94:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:23.0.1271.95:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:a:libav:libav:0.7:*:*:*:*:*:*:*
cpe:2.3:a:libav:libav:0.7:beta1:*:*:*:*:*:*
cpe:2.3:a:libav:libav:0.7:beta2:*:*:*:*:*:*
cpe:2.3:a:libav:libav:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:libav:libav:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:libav:libav:0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:libav:libav:0.7.4:*:*:*:*:*:*:*
cpe:2.3:a:libav:libav:0.7.5:*:*:*:*:*:*:*
cpe:2.3:a:libav:libav:0.7.6:*:*:*:*:*:*:*
History

No history.

Information

Published : 2012-12-12 11:38

Updated : 2024-02-04 18:16

NVD link : CVE-2012-5144

Mitre link : CVE-2012-5144

CVE.ORG link : CVE-2012-5144

JSON object : View

Products Affected

libav

  • libav

opensuse

  • opensuse

canonical

  • ubuntu_linux

google

  • chrome
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer