CVE-2012-5144 - Vulnerability Details

Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an off-by-one overwrite when switching to LTP profile from MAIN."

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Canonical	Ubuntu Linux
Google	Chrome
Libav	Libav
Opensuse	Opensuse

Configuration 1 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:11.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*

Configuration 2 [-]

OR	cpe:2.3:a:libav:libav:0.8:::::::*
	cpe:2.3:a:libav:libav:0.8:beta2::::::
	cpe:2.3:a:libav:libav:0.8.1:::::::*
	cpe:2.3:a:libav:libav:0.8.2:::::::*
	cpe:2.3:a:libav:libav:0.8.3:::::::*
	cpe:2.3:a:libav:libav:0.8.4:::::::*

Configuration 3 [-]

OR	cpe:2.3:a:google:chrome::::::::
	cpe:2.3:a:google:chrome:23.0.1271.0:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.1:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.2:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.3:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.4:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.5:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.6:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.7:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.8:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.9:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.10:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.11:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.12:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.13:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.14:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.15:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.16:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.17:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.18:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.19:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.20:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.21:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.22:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.23:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.24:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.26:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.30:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.31:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.32:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.33:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.35:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.36:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.37:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.38:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.39:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.40:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.41:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.44:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.45:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.46:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.49:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.50:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.51:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.52:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.53:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.54:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.55:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.56:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.57:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.58:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.59:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.60:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.61:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.62:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.64:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.83:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.84:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.85:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.86:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.87:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.88:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.89:::::::*
	cpe:2.3:a:google:chrome:23.0.1271.91:::::::*
cpe:2.3:a:google:chrome:23.0.1271.92:::::::*
cpe:2.3:a:google:chrome:23.0.1271.93:::::::*
cpe:2.3:a:google:chrome:23.0.1271.94:::::::*
cpe:2.3:a:google:chrome:23.0.1271.95:::::::*

Configuration 4 [-]

OR	cpe:2.3:o:opensuse:opensuse:12.1:::::::*
	cpe:2.3:o:opensuse:opensuse:12.2:::::::*

Configuration 5 [-]

OR	cpe:2.3:a:libav:libav:0.7:::::::*
	cpe:2.3:a:libav:libav:0.7:beta1::::::
	cpe:2.3:a:libav:libav:0.7:beta2::::::
	cpe:2.3:a:libav:libav:0.7.1:::::::*
	cpe:2.3:a:libav:libav:0.7.2:::::::*
	cpe:2.3:a:libav:libav:0.7.3:::::::*
	cpe:2.3:a:libav:libav:0.7.4:::::::*
	cpe:2.3:a:libav:libav:0.7.5:::::::*
	cpe:2.3:a:libav:libav:0.7.6:::::::*

No data.

References

Link	Providers
http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html
http://libav.org/releases/libav-0.7.7.changelog
http://libav.org/releases/libav-0.8.5.changelog
http://lists.opensuse.org/opensuse-updates/2012-12/msg00073.html
http://www.ubuntu.com/usn/USN-1705-1
https://code.google.com/p/chromium/issues/detail?id=161639
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16007

History

No history.

MITRE

Status: PUBLISHED

Assigner: Chrome

Published: 2012-12-12T11:00:00

Updated: 2024-08-06T20:58:02.668Z

Reserved: 2012-09-24T00:00:00

Link: CVE-2012-5144

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2012-12-12T11:38:44.810

Modified: 2025-04-11T00:51:21.963

Link: CVE-2012-5144

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-12-11T00:00:00", "descriptions": [{"lang": "en", "value": "Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to \"an off-by-one overwrite when switching to LTP profile from MAIN.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-18T12:57:01", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://libav.org/releases/libav-0.8.5.changelog"}, {"name": "oval:org.mitre.oval:def:16007", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16007"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://code.google.com/p/chromium/issues/detail?id=161639"}, {"name": "openSUSE-SU-2012:1682", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00073.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://libav.org/releases/libav-0.7.7.changelog"}, {"name": "USN-1705-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1705-1"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@google.com", "ID": "CVE-2012-5144", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to \"an off-by-one overwrite when switching to LTP profile from MAIN.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://libav.org/releases/libav-0.8.5.changelog", "refsource": "CONFIRM", "url": "http://libav.org/releases/libav-0.8.5.changelog"}, {"name": "oval:org.mitre.oval:def:16007", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16007"}, {"name": "http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html", "refsource": "CONFIRM", "url": "http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html"}, {"name": "https://code.google.com/p/chromium/issues/detail?id=161639", "refsource": "CONFIRM", "url": "https://code.google.com/p/chromium/issues/detail?id=161639"}, {"name": "openSUSE-SU-2012:1682", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00073.html"}, {"name": "http://libav.org/releases/libav-0.7.7.changelog", "refsource": "CONFIRM", "url": "http://libav.org/releases/libav-0.7.7.changelog"}, {"name": "USN-1705-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1705-1"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T20:58:02.668Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://libav.org/releases/libav-0.8.5.changelog"}, {"name": "oval:org.mitre.oval:def:16007", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16007"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://code.google.com/p/chromium/issues/detail?id=161639"}, {"name": "openSUSE-SU-2012:1682", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00073.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://libav.org/releases/libav-0.7.7.changelog"}, {"name": "USN-1705-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1705-1"}]}]}, "cveMetadata": {"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2012-5144", "datePublished": "2012-12-12T11:00:00", "dateReserved": "2012-09-24T00:00:00", "dateUpdated": "2024-08-06T20:58:02.668Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libav:libav:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "4953EC2E-BCD6-41B5-AEB3-0D82C15363A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:libav:libav:0.8:beta2:*:*:*:*:*:*", "matchCriteriaId": "3CEBE4E3-50F3-43CB-911F-E1B52C2B8B3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:libav:libav:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "86038BA1-9B14-4F12-9D61-B106E70F855C", "vulnerable": true}, {"criteria": "cpe:2.3:a:libav:libav:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "84A42948-6239-4DEB-8BF0-39971D60207E", "vulnerable": true}, {"criteria": "cpe:2.3:a:libav:libav:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "622D8D69-5FFB-4217-81B5-5FBC08A17C3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:libav:libav:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "EBF6BD45-4143-4A45-B7AB-E3428A8BFB4A", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC91B3BC-398F-4626-BF34-91FB3E86F334", "versionEndIncluding": "23.0.1271.96", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.0:*:*:*:*:*:*:*", "matchCriteriaId": "C1C3F2AC-D9A8-48BB-A207-30A8F118BF28", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.1:*:*:*:*:*:*:*", "matchCriteriaId": "60B15707-7C97-48A4-9F20-EC786BDF13C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.2:*:*:*:*:*:*:*", "matchCriteriaId": "14FF6845-B328-4E73-83EB-74860C5EB8EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.3:*:*:*:*:*:*:*", "matchCriteriaId": "B8423F18-4875-4ABE-AC80-57340305D91F", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.4:*:*:*:*:*:*:*", "matchCriteriaId": "7E8B4DEA-C174-4E9E-85CF-E7E78C7D87BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.5:*:*:*:*:*:*:*", "matchCriteriaId": "10C06A20-E967-4879-BEDE-DCA1314DF81E", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.6:*:*:*:*:*:*:*", "matchCriteriaId": "F721A6BE-FBB8-49EA-8C12-AF341C275C26", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.7:*:*:*:*:*:*:*", "matchCriteriaId": "F2BC8404-7EDD-4B34-92DF-77CABE12CA28", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.8:*:*:*:*:*:*:*", "matchCriteriaId": "07B7CBF0-47D3-4567-8F3A-648D5107DD79", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.9:*:*:*:*:*:*:*", "matchCriteriaId": "41166C4F-68CF-41AB-8F5D-11CBBA6A0BBF", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.10:*:*:*:*:*:*:*", "matchCriteriaId": "121C4953-953D-47D0-9D66-D0B69AC28831", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.11:*:*:*:*:*:*:*", "matchCriteriaId": "F4AB366A-A3DD-4DAF-A041-720C526C03AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.12:*:*:*:*:*:*:*", "matchCriteriaId": "1E21A142-3481-43B9-9395-7F48AF784463", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.13:*:*:*:*:*:*:*", "matchCriteriaId": "18DCFA28-1766-40A8-AB2D-1F99ECAF3F28", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.14:*:*:*:*:*:*:*", "matchCriteriaId": "6D0C147B-6B25-48AE-ACC9-6DAB12560290", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.15:*:*:*:*:*:*:*", "matchCriteriaId": "31E62C0B-6FDE-4462-9E9B-7E78A7283705", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.16:*:*:*:*:*:*:*", "matchCriteriaId": "359D25B5-BEED-40C0-9CC2-CCD0D45FDFCD", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.17:*:*:*:*:*:*:*", "matchCriteriaId": "DC860EB3-EB61-421E-B494-6830337F3CD1", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.18:*:*:*:*:*:*:*", "matchCriteriaId": "386ED915-8B2A-428D-A825-B814C1B2D7F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.19:*:*:*:*:*:*:*", "matchCriteriaId": "C4FE3859-CBE2-4A47-BE29-1EB193B21E8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.20:*:*:*:*:*:*:*", "matchCriteriaId": "D4844D01-3562-469A-B98E-FA29E42A1A3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.21:*:*:*:*:*:*:*", "matchCriteriaId": "28981813-AC63-4D44-BE1E-4E2F9EB6C9E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.22:*:*:*:*:*:*:*", "matchCriteriaId": "C13124B6-7FE5-4047-88D2-88B7FD7BA389", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.23:*:*:*:*:*:*:*", "matchCriteriaId": "D91B54DA-001B-4231-A102-F328D86AA656", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.24:*:*:*:*:*:*:*", "matchCriteriaId": "04DDC74C-D04A-4C44-A597-3AC873A5290F", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.26:*:*:*:*:*:*:*", "matchCriteriaId": "E16EDD52-B5EF-4E66-AC94-39AEA3A008C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.30:*:*:*:*:*:*:*", "matchCriteriaId": "DC6E1AEE-FB1E-4A2A-9BBD-2EE3BD5BDF33", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.31:*:*:*:*:*:*:*", "matchCriteriaId": "966F5E5C-C56E-44F4-B76B-D5CA9E2BAF3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.32:*:*:*:*:*:*:*", "matchCriteriaId": "EB3E1BF3-BA52-46B2-87D4-E0A473D2F65C", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.33:*:*:*:*:*:*:*", "matchCriteriaId": "159EF5CD-0E22-4AC3-A14A-A0931AF5D8EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.35:*:*:*:*:*:*:*", "matchCriteriaId": "AD966311-A0DE-4554-984C-1C175E411BA8", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.36:*:*:*:*:*:*:*", "matchCriteriaId": "7E316E65-EFA7-428F-BA83-B29E019DE1C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.37:*:*:*:*:*:*:*", "matchCriteriaId": "1CD447C2-6789-4EDC-AEFD-830AA3B653F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.38:*:*:*:*:*:*:*", "matchCriteriaId": "D9661CBA-A581-454A-A923-19C3CDFE6391", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.39:*:*:*:*:*:*:*", "matchCriteriaId": "C2437082-6AA3-4CBD-895C-CA14463D831D", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.40:*:*:*:*:*:*:*", "matchCriteriaId": "215F3C35-D1CD-44FE-A62A-4BCBACE52587", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.41:*:*:*:*:*:*:*", "matchCriteriaId": "58D66B4A-FBC8-4017-9E32-490AF9298716", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.44:*:*:*:*:*:*:*", "matchCriteriaId": "7258FEEE-B85C-4923-B60D-9B327DA92047", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.45:*:*:*:*:*:*:*", "matchCriteriaId": "95E9516A-A3DC-4B1C-BF56-5A4406E5468E", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.46:*:*:*:*:*:*:*", "matchCriteriaId": "10B4D20A-E3A2-493B-89F5-E6BBE37B19CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.49:*:*:*:*:*:*:*", "matchCriteriaId": "A08B0A1B-6E9E-4A71-9506-574BFA1C10CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.50:*:*:*:*:*:*:*", "matchCriteriaId": "B974908F-B63B-4EDC-B3EA-C52FD638C957", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.51:*:*:*:*:*:*:*", "matchCriteriaId": "F3B2E0A1-79C8-4C8D-BFD8-1C7BE9988E2C", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.52:*:*:*:*:*:*:*", "matchCriteriaId": "2E32E86F-09A0-4CE3-BF9C-C140A0539D4D", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.53:*:*:*:*:*:*:*", "matchCriteriaId": "78C12838-19AA-44CD-879D-39036C107874", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.54:*:*:*:*:*:*:*", "matchCriteriaId": "FDFC93DA-4AB3-44C4-AB6F-F373A8C24F67", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.55:*:*:*:*:*:*:*", "matchCriteriaId": "DD1FD770-6EA3-4348-9D6C-537EDEDA5F3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.56:*:*:*:*:*:*:*", "matchCriteriaId": "137C6B9C-E81A-48EA-8E6D-842D444180B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.57:*:*:*:*:*:*:*", "matchCriteriaId": "16515194-DAE1-4F9E-8091-1D0C8A3C0BCB", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.58:*:*:*:*:*:*:*", "matchCriteriaId": "7FB1B004-0CBF-41F1-96E9-E02A6C3745E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.59:*:*:*:*:*:*:*", "matchCriteriaId": "1724A5F9-0A7F-40FF-B0F8-C0BBC982D400", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.60:*:*:*:*:*:*:*", "matchCriteriaId": "257C675B-398B-4E68-999A-39454845B07A", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.61:*:*:*:*:*:*:*", "matchCriteriaId": "549E9049-23C4-49F0-BA34-062DA14A5970", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.62:*:*:*:*:*:*:*", "matchCriteriaId": "0951860F-83CD-47A7-951F-2C93A53E9098", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.64:*:*:*:*:*:*:*", "matchCriteriaId": "49D41B4E-275D-4CAE-8165-31EA30DB8B7A", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.83:*:*:*:*:*:*:*", "matchCriteriaId": "3F9EFE67-FA32-448B-B10A-D68EE04D2E66", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.84:*:*:*:*:*:*:*", "matchCriteriaId": "8AB7CD1B-5FD0-4BE5-9056-35A380BFF087", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.85:*:*:*:*:*:*:*", "matchCriteriaId": "49F73AE2-B1F5-47B7-AEEA-A2810833D8D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.86:*:*:*:*:*:*:*", "matchCriteriaId": "679A878A-0934-4D3C-BC2F-C6FE334D590F", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.87:*:*:*:*:*:*:*", "matchCriteriaId": "BB90E306-4BA6-473B-B39F-ED4DB7B2D724", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.88:*:*:*:*:*:*:*", "matchCriteriaId": "0E517092-8323-41D2-A779-251F60B0B53C", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.89:*:*:*:*:*:*:*", "matchCriteriaId": "B4C17385-233B-472C-864D-DFC3EAE357AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.91:*:*:*:*:*:*:*", "matchCriteriaId": "64677E1B-B3E8-4EA7-990B-63F17D9792B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.92:*:*:*:*:*:*:*", "matchCriteriaId": "3E87B7DF-308C-4FDD-BF9E-92949FEC8BFF", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.93:*:*:*:*:*:*:*", "matchCriteriaId": "C1B3EB67-52DD-495E-850D-9471536671EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.94:*:*:*:*:*:*:*", "matchCriteriaId": "0C4F93D0-ECBA-481A-B278-EB907791904C", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:23.0.1271.95:*:*:*:*:*:*:*", "matchCriteriaId": "28B6B82F-AB97-4C7A-BCF9-4680E65DB4E6", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", "matchCriteriaId": "EBB2C482-D2A4-48B3-ACE7-E1DFDCC409B5", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libav:libav:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "18053821-801F-4652-AA73-9FDC5F562BA8", "vulnerable": true}, {"criteria": "cpe:2.3:a:libav:libav:0.7:beta1:*:*:*:*:*:*", "matchCriteriaId": "B8B20C36-FD4A-4DEB-B060-90C25440606F", "vulnerable": true}, {"criteria": "cpe:2.3:a:libav:libav:0.7:beta2:*:*:*:*:*:*", "matchCriteriaId": "3FB24BD2-D741-4790-89C5-133BF8AEB191", "vulnerable": true}, {"criteria": "cpe:2.3:a:libav:libav:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "D5322AE7-8CAD-45EF-9955-37D16EBBDD40", "vulnerable": true}, {"criteria": "cpe:2.3:a:libav:libav:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "EFCDCA15-DF61-4150-96D7-10D68D07DAD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:libav:libav:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "C2D50C72-65B2-4490-9259-2A436207A72D", "vulnerable": true}, {"criteria": "cpe:2.3:a:libav:libav:0.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "B3BCDD63-DECF-4494-BCA7-30BFEE7055D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:libav:libav:0.7.5:*:*:*:*:*:*:*", "matchCriteriaId": "F3260A66-B1C9-42F0-841E-63FAB009F020", "vulnerable": true}, {"criteria": "cpe:2.3:a:libav:libav:0.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "A452FEA8-93B8-4A08-8E07-3FD72687AB1E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to \"an off-by-one overwrite when switching to LTP profile from MAIN.\""}, {"lang": "es", "value": "Google Chrome antes 23.0.1271.97 no realiza correctamente la decodificaci\u00f3n AAC, que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de pila de memoria) o posiblemente tener un impacto no especificado a trav\u00e9s de vectores desconocidos."}], "id": "CVE-2012-5144", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-12-12T11:38:44.810", "references": [{"source": "chrome-cve-admin@google.com", "url": "http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://libav.org/releases/libav-0.7.7.changelog"}, {"source": "chrome-cve-admin@google.com", "url": "http://libav.org/releases/libav-0.8.5.changelog"}, {"source": "chrome-cve-admin@google.com", "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00073.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://www.ubuntu.com/usn/USN-1705-1"}, {"source": "chrome-cve-admin@google.com", "url": "https://code.google.com/p/chromium/issues/detail?id=161639"}, {"source": "chrome-cve-admin@google.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16007"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://libav.org/releases/libav-0.7.7.changelog"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://libav.org/releases/libav-0.8.5.changelog"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00073.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1705-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://code.google.com/p/chromium/issues/detail?id=161639"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16007"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object