FFmpeg libavcodec 'vqavideo.c' '.vaq' File Heap Memory Corruption Vulnerability

Bugtraq ID:	53389
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2012-0947
Remote:	Yes
Local:	No
Published:	May 03 2012 12:00AM
Updated:	Oct 28 2013 12:50AM
Credit:	Fabian Yamaguchi and Markus Lottmann
Vulnerable:	Ubuntu Ubuntu Linux 12.04 LTS i386 Ubuntu Ubuntu Linux 12.04 LTS amd64 Ubuntu Ubuntu Linux 11.10 i386 Ubuntu Ubuntu Linux 11.10 amd64 Ubuntu Ubuntu Linux 11.04 powerpc Ubuntu Ubuntu Linux 11.04 i386 Ubuntu Ubuntu Linux 11.04 ARM Ubuntu Ubuntu Linux 11.04 amd64 Ubuntu Ubuntu Linux 10.04 sparc Ubuntu Ubuntu Linux 10.04 powerpc Ubuntu Ubuntu Linux 10.04 i386 Ubuntu Ubuntu Linux 10.04 ARM Ubuntu Ubuntu Linux 10.04 amd64 Gentoo Linux FFmpeg FFmpeg 0
Not Vulnerable:

FFmpeg libavcodec 'vqavideo.c' '.vaq' File Heap Memory Corruption Vulnerability

FFmpeg is prone to a heap-based memory-corruption vulnerability because it fails to properly validate user-supplied data.

Attackers can leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

FFmpeg libavcodec 'vqavideo.c' '.vaq' File Heap Memory Corruption Vulnerability

The researcher has created a proof-of-concept for this issue. Please see the references for information.

FFmpeg libavcodec 'vqavideo.c' '.vaq' File Heap Memory Corruption Vulnerability

Solution:
Updates are available. Please see the references for more information.

FFmpeg libavcodec 'vqavideo.c' '.vaq' File Heap Memory Corruption Vulnerability

References:

• [PATCH] vqavideo: return error if image size is not a multiple of block size (Mans Rullgard)
  
• FFmpeg Homepage (FFmpeg)
  
• Heap-based Buffer Overflow in libavcodec (Fabian Yamaguchi)