VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 12, 2012· Updated Apr 29, 2026

CVE-2012-5144

CVE-2012-5144

Description

Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an off-by-one overwrite when switching to LTP profile from MAIN."

Affected products

88
  • Google/Chrome68 versions
    cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*+ 67 more
    • cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*range: <=23.0.1271.96
    • cpe:2.3:a:google:chrome:23.0.1271.0:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.1:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.10:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.11:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.12:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.13:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.14:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.15:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.16:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.17:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.18:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.19:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.2:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.20:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.21:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.22:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.23:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.24:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.26:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.3:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.30:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.31:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.32:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.33:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.35:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.36:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.37:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.38:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.39:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.4:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.40:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.41:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.44:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.45:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.46:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.49:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.5:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.50:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.51:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.52:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.53:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.54:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.55:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.56:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.57:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.58:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.59:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.6:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.60:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.61:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.62:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.64:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.7:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.8:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.83:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.84:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.85:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.86:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.87:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.88:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.89:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.9:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.91:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.92:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.93:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.94:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:23.0.1271.95:*:*:*:*:*:*:*
  • Libav/Libav15 versions
    cpe:2.3:a:libav:libav:0.7:*:*:*:*:*:*:*+ 14 more
    • cpe:2.3:a:libav:libav:0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:libav:libav:0.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:libav:libav:0.7.2:*:*:*:*:*:*:*
    • cpe:2.3:a:libav:libav:0.7.3:*:*:*:*:*:*:*
    • cpe:2.3:a:libav:libav:0.7.4:*:*:*:*:*:*:*
    • cpe:2.3:a:libav:libav:0.7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:libav:libav:0.7.6:*:*:*:*:*:*:*
    • cpe:2.3:a:libav:libav:0.7:beta1:*:*:*:*:*:*
    • cpe:2.3:a:libav:libav:0.7:beta2:*:*:*:*:*:*
    • cpe:2.3:a:libav:libav:0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:libav:libav:0.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:libav:libav:0.8.2:*:*:*:*:*:*:*
    • cpe:2.3:a:libav:libav:0.8.3:*:*:*:*:*:*:*
    • cpe:2.3:a:libav:libav:0.8.4:*:*:*:*:*:*:*
    • cpe:2.3:a:libav:libav:0.8:beta2:*:*:*:*:*:*
  • Canonical/Ubuntu Linux3 versions
    cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
  • OpenSUSE/openSUSE2 versions
    cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

7

News mentions

0

No linked articles in our index yet.