CVE-2008-4610

Related Files

Gentoo Linux Security Advisory 201310-13

Posted Oct 25, 2013

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201310-13 - Multiple vulnerabilities have been found in MPlayer and the bundled FFmpeg, the worst of which may lead to the execution of arbitrary code. Versions less than 1.1-r1 are affected.

tags | advisory, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2007-6718, CVE-2008-4610, CVE-2010-2062, CVE-2010-3429, CVE-2011-3625

SHA-256 | 08965766fcae25256090b4e385c2d0b3cb8116f70820f4e55055009d3309d422

Download | Favorite | View

Mandriva Linux Security Advisory 2009-335

Posted Dec 18, 2009

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-335 - MPlayer allows remote attackers to cause a denial of service (application crash) via (1) a malformed AAC file, as demonstrated by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718. Packages for 2008.0 are being provided due to extended support for Corporate products. This update provides a solution to this vulnerability.

tags | advisory, remote, denial of service

systems | linux, mandriva

advisories | CVE-2008-4610

SHA-256 | 08d37c9ccfdd420b03fcf030695f41362afa42c558d44cabda2a9191f2776fb4

Download | Favorite | View

Ubuntu Security Notice 734-1

Posted Mar 16, 2009

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-734-1 - It was discovered that FFmpeg did not correctly handle certain malformed Ogg Media (OGM) files. If a user were tricked into opening a crafted Ogg Media file, an attacker could cause the application using FFmpeg to crash, leading to a denial of service. It was discovered that FFmpeg did not correctly handle certain parameters when creating DTS streams. If a user were tricked into processing certain commands, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.10. It was discovered that FFmpeg did not correctly handle certain malformed DTS Coherent Acoustics (DCA) files. If a user were tricked into opening a crafted DCA file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that FFmpeg did not correctly handle certain malformed 4X movie (4xm) files. If a user were tricked into opening a crafted 4xm file, an attacker could execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary

systems | linux, ubuntu

advisories | CVE-2008-4610, CVE-2008-4866, CVE-2008-4867, CVE-2009-0385

SHA-256 | 5537267f70415650662292211f6955cbc9cb714e91da9e07fce11f6086570d49

Download | Favorite | View