VIR Vulnerability Intelligence Relay

CVE-2012-2774

medium
Published 2012-09-10 ยท Modified 2026-04-29
๐Ÿ’ฌ Discuss on Community โœš Propose mitigation
CVSS v3
โ€”
CVSS v4 NEW
โ€”
not yet in upstream
VIR risk
5.0

Description

The ff_MPV_frame_start function in libavcodec/mpegvideo.c in FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors, related to starting "a frame outside SETUP state."

Predictions

Exploit likelihood
20%
Patch ETA
โ€”

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ€” if you've already worked around this in production โ€” publish your fix to the community-verified tier.

โœš Propose a mitigation on Community โ†’ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

OS impact
OSVersionStatusFixed in
debian debianbookwormfixed0
debian debianbullseyefixed0
debian debianforkyfixed0
debian debiansidfixed0
debian debiantrixiefixed0

Application impact
VendorProductVersionsFixed
ffmpegffmpeg{"endIncluding":"0.10.4"}
ffmpegffmpeg0.3
ffmpegffmpeg0.3.1
ffmpegffmpeg0.3.2
ffmpegffmpeg0.3.3
ffmpegffmpeg0.3.4
ffmpegffmpeg0.4.0
ffmpegffmpeg0.4.2
ffmpegffmpeg0.4.3
ffmpegffmpeg0.4.4
ffmpegffmpeg0.4.5
ffmpegffmpeg0.4.6
ffmpegffmpeg0.4.7
ffmpegffmpeg0.4.8
ffmpegffmpeg0.4.9
ffmpegffmpeg0.5
ffmpegffmpeg0.5.1
ffmpegffmpeg0.5.2
ffmpegffmpeg0.5.3
ffmpegffmpeg0.5.4
ffmpegffmpeg0.5.4.5
ffmpegffmpeg0.5.4.6
ffmpegffmpeg0.6
ffmpegffmpeg0.6.1
ffmpegffmpeg0.6.2
ffmpegffmpeg0.6.3
ffmpegffmpeg0.7
ffmpegffmpeg0.7.1
ffmpegffmpeg0.7.2
ffmpegffmpeg0.7.3
ffmpegffmpeg0.7.4
ffmpegffmpeg0.7.5
ffmpegffmpeg0.7.6
ffmpegffmpeg0.7.7
ffmpegffmpeg0.7.8
ffmpegffmpeg0.7.9
ffmpegffmpeg0.7.11
ffmpegffmpeg0.7.12
ffmpegffmpeg0.8.0
ffmpegffmpeg0.8.1
ffmpegffmpeg0.8.2
ffmpegffmpeg0.8.5
ffmpegffmpeg0.8.5.3
ffmpegffmpeg0.8.5.4
ffmpegffmpeg0.8.6
ffmpegffmpeg0.8.7
ffmpegffmpeg0.8.8
ffmpegffmpeg0.8.10
ffmpegffmpeg0.8.11
ffmpegffmpeg0.9
ffmpegffmpeg0.9.1
ffmpegffmpeg0.10
ffmpegffmpeg0.10.3

References

CWEs

CWE-119

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.