exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2009-335

Mandriva Linux Security Advisory 2009-335
Posted Dec 18, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-335 - MPlayer allows remote attackers to cause a denial of service (application crash) via (1) a malformed AAC file, as demonstrated by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718. Packages for 2008.0 are being provided due to extended support for Corporate products. This update provides a solution to this vulnerability.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2008-4610
SHA-256 | 08d37c9ccfdd420b03fcf030695f41362afa42c558d44cabda2a9191f2776fb4
Download | Favorite | View

Mandriva Linux Security Advisory 2009-335

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:335
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : ffmpeg
 Date    : December 17, 2009
 Affected: 2008.0, 2009.0, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability was discovered and corrected in ffmpeg:
 
 MPlayer allows remote attackers to cause a denial of service
 (application crash) via (1) a malformed AAC file, as demonstrated
 by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as
 demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718
 (CVE-2008-4610).
 
 Packages for 2008.0 are being provided due to extended support for
 Corporate products.
 
 This update provides a solution to this vulnerability.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4610
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.0:
 beeabb1996d9bf736309cc48dacf59a1  2008.0/i586/ffmpeg-0.4.9-3.pre1.8994.2.4mdv2008.0.i586.rpm
 6cc819d7659aa3c3110a09764341f17a  2008.0/i586/libavformats51-0.4.9-3.pre1.8994.2.4mdv2008.0.i586.rpm
 a64149c0223fce925bcc9a44261379a8  2008.0/i586/libavutil49-0.4.9-3.pre1.8994.2.4mdv2008.0.i586.rpm
 e32ff29ad5bb4988009ba73d587f22d1  2008.0/i586/libffmpeg51-0.4.9-3.pre1.8994.2.4mdv2008.0.i586.rpm
 432a60bd0ffbe8faad641154f161b12c  2008.0/i586/libffmpeg51-devel-0.4.9-3.pre1.8994.2.4mdv2008.0.i586.rpm
 bef39a87bdfe586aa27a8124a5f42b46  2008.0/i586/libffmpeg51-static-devel-0.4.9-3.pre1.8994.2.4mdv2008.0.i586.rpm 
 f3dcc5d0422d10a807f19beec6460401  2008.0/SRPMS/ffmpeg-0.4.9-3.pre1.8994.2.4mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 0adb11ce92b7023d84e17c47b416a02e  2008.0/x86_64/ffmpeg-0.4.9-3.pre1.8994.2.4mdv2008.0.x86_64.rpm
 f99f57c6bd2c1c905723de5d23cbc78d  2008.0/x86_64/lib64avformats51-0.4.9-3.pre1.8994.2.4mdv2008.0.x86_64.rpm
 1848eaa502b484235fc49d9dee5f46ee  2008.0/x86_64/lib64avutil49-0.4.9-3.pre1.8994.2.4mdv2008.0.x86_64.rpm
 3bbabab6bb9461f1ac9f0991b7669dc8  2008.0/x86_64/lib64ffmpeg51-0.4.9-3.pre1.8994.2.4mdv2008.0.x86_64.rpm
 391c848cb410158b73199e7f2e02733a  2008.0/x86_64/lib64ffmpeg51-devel-0.4.9-3.pre1.8994.2.4mdv2008.0.x86_64.rpm
 b2bc211725adcebe19a1ed90c87248e1  2008.0/x86_64/lib64ffmpeg51-static-devel-0.4.9-3.pre1.8994.2.4mdv2008.0.x86_64.rpm 
 f3dcc5d0422d10a807f19beec6460401  2008.0/SRPMS/ffmpeg-0.4.9-3.pre1.8994.2.4mdv2008.0.src.rpm

 Mandriva Linux 2009.0:
 9e6955be6fc29847200a396543e91f91  2009.0/i586/ffmpeg-0.4.9-3.pre1.14161.1.3mdv2009.0.i586.rpm
 e793f88f8612e83b87c75d28aa7b3ee3  2009.0/i586/libavformats52-0.4.9-3.pre1.14161.1.3mdv2009.0.i586.rpm
 510e5d64d1f3ce851aa58295048b6ce4  2009.0/i586/libavutil49-0.4.9-3.pre1.14161.1.3mdv2009.0.i586.rpm
 81d1d46a7b798bb137a3ce65433c5450  2009.0/i586/libffmpeg51-0.4.9-3.pre1.14161.1.3mdv2009.0.i586.rpm
 abf4b34aa90f1cfd613cf5e5bba6d01d  2009.0/i586/libffmpeg-devel-0.4.9-3.pre1.14161.1.3mdv2009.0.i586.rpm
 62841712208ab5dc5131383715e46e45  2009.0/i586/libffmpeg-static-devel-0.4.9-3.pre1.14161.1.3mdv2009.0.i586.rpm
 b523f312fcbe542a68af8415535813bb  2009.0/i586/libswscaler0-0.4.9-3.pre1.14161.1.3mdv2009.0.i586.rpm 
 95a8fe70eb607239e0fefe877345b8e3  2009.0/SRPMS/ffmpeg-0.4.9-3.pre1.14161.1.3mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 b25852f91e95c0dd6cac413421f09817  2009.0/x86_64/ffmpeg-0.4.9-3.pre1.14161.1.3mdv2009.0.x86_64.rpm
 d5d5e19e0a589924a37cd82addc3d135  2009.0/x86_64/lib64avformats52-0.4.9-3.pre1.14161.1.3mdv2009.0.x86_64.rpm
 e8b76380ce69b61d745aa3365b89a0d1  2009.0/x86_64/lib64avutil49-0.4.9-3.pre1.14161.1.3mdv2009.0.x86_64.rpm
 b52751767266afc6e30697905cc0a22d  2009.0/x86_64/lib64ffmpeg51-0.4.9-3.pre1.14161.1.3mdv2009.0.x86_64.rpm
 d4a24cd43474784d990e2d18b1fbeb88  2009.0/x86_64/lib64ffmpeg-devel-0.4.9-3.pre1.14161.1.3mdv2009.0.x86_64.rpm
 5c618faeabddbf34969458b9bf3be9ed  2009.0/x86_64/lib64ffmpeg-static-devel-0.4.9-3.pre1.14161.1.3mdv2009.0.x86_64.rpm
 e584888b791440e6427c25dddad185f5  2009.0/x86_64/lib64swscaler0-0.4.9-3.pre1.14161.1.3mdv2009.0.x86_64.rpm 
 95a8fe70eb607239e0fefe877345b8e3  2009.0/SRPMS/ffmpeg-0.4.9-3.pre1.14161.1.3mdv2009.0.src.rpm

 Mandriva Enterprise Server 5:
 a9bad1d3f80f6abc794e12b7a616118b  mes5/i586/ffmpeg-0.4.9-3.pre1.14161.1.3mdvmes5.i586.rpm
 2e1de6fd3253390d5a97f44ce410ef7a  mes5/i586/libavformats52-0.4.9-3.pre1.14161.1.3mdvmes5.i586.rpm
 d59edc9e6f14340853b421805846238b  mes5/i586/libavutil49-0.4.9-3.pre1.14161.1.3mdvmes5.i586.rpm
 22c19b94d9e6e887e080a16a724083b9  mes5/i586/libffmpeg51-0.4.9-3.pre1.14161.1.3mdvmes5.i586.rpm
 a1771b311f17e89ee35aca056e3a2fe3  mes5/i586/libffmpeg-devel-0.4.9-3.pre1.14161.1.3mdvmes5.i586.rpm
 ef57ad2c274230c8924cf7f85901d956  mes5/i586/libffmpeg-static-devel-0.4.9-3.pre1.14161.1.3mdvmes5.i586.rpm
 c9391186267f11449a359a9a3f46c10f  mes5/i586/libswscaler0-0.4.9-3.pre1.14161.1.3mdvmes5.i586.rpm 
 24d45cd3251b8876c41d60e164f61db2  mes5/SRPMS/ffmpeg-0.4.9-3.pre1.14161.1.3mdvmes5.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 d89476745c6defb6299cc521dcb9d811  mes5/x86_64/ffmpeg-0.4.9-3.pre1.14161.1.3mdvmes5.x86_64.rpm
 1ec046f0bc0d805cbddc0a09eb731813  mes5/x86_64/lib64avformats52-0.4.9-3.pre1.14161.1.3mdvmes5.x86_64.rpm
 21f1a295e0d12ed3bf8e91e18e557d4a  mes5/x86_64/lib64avutil49-0.4.9-3.pre1.14161.1.3mdvmes5.x86_64.rpm
 2ac6b11c3cdffbfb7ce66ec7ed92794b  mes5/x86_64/lib64ffmpeg51-0.4.9-3.pre1.14161.1.3mdvmes5.x86_64.rpm
 0958f365fc0377700789901f3cfc70b4  mes5/x86_64/lib64ffmpeg-devel-0.4.9-3.pre1.14161.1.3mdvmes5.x86_64.rpm
 2283f579aef13eb81f97f37b694f6393  mes5/x86_64/lib64ffmpeg-static-devel-0.4.9-3.pre1.14161.1.3mdvmes5.x86_64.rpm
 d1d3b94079ddff1e40e19b351714c1fd  mes5/x86_64/lib64swscaler0-0.4.9-3.pre1.14161.1.3mdvmes5.x86_64.rpm 
 24d45cd3251b8876c41d60e164f61db2  mes5/SRPMS/ffmpeg-0.4.9-3.pre1.14161.1.3mdvmes5.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFLKlMxmqjQ0CJFipgRAnrBAKCLwSWexDuGzACY5dZuH42BvRzYqgCeIpiR
ToKThFbj+KOsukdA6OcMMGA=
=yb49
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    19 Files
  • 23
    Jul 23rd
    17 Files
  • 24
    Jul 24th
    47 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close