CVE-2008-4867

Related Files

Gentoo Linux Security Advisory 200903-33

Posted Mar 20, 2009

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200903-33 - Multiple vulnerabilities in FFmpeg may lead to the remote execution of arbitrary code or a Denial of Service. Versions less than 0.4.9_p20090201 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2008-3162, CVE-2008-4866, CVE-2008-4867, CVE-2008-4868, CVE-2008-4869, CVE-2009-0385

SHA-256 | 2e7fe0c9e6d617ee63532c22950f83623c514d7da4bb23685213a080f9af5e9f

Download | Favorite | View

Ubuntu Security Notice 734-1

Posted Mar 16, 2009

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-734-1 - It was discovered that FFmpeg did not correctly handle certain malformed Ogg Media (OGM) files. If a user were tricked into opening a crafted Ogg Media file, an attacker could cause the application using FFmpeg to crash, leading to a denial of service. It was discovered that FFmpeg did not correctly handle certain parameters when creating DTS streams. If a user were tricked into processing certain commands, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.10. It was discovered that FFmpeg did not correctly handle certain malformed DTS Coherent Acoustics (DCA) files. If a user were tricked into opening a crafted DCA file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that FFmpeg did not correctly handle certain malformed 4X movie (4xm) files. If a user were tricked into opening a crafted 4xm file, an attacker could execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary

systems | linux, ubuntu

advisories | CVE-2008-4610, CVE-2008-4866, CVE-2008-4867, CVE-2009-0385

SHA-256 | 5537267f70415650662292211f6955cbc9cb714e91da9e07fce11f6086570d49

Download | Favorite | View

Mandriva Linux Security Advisory 2009-015

Posted Jan 16, 2009

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-015 - Several vulnerabilities have been discovered in ffmpeg, related to the execution of DTS generation code. The updated packages have been patched to prevent this.

tags | advisory, vulnerability

systems | linux, mandriva

advisories | CVE-2008-4866, CVE-2008-4867

SHA-256 | abc7444b27f44aca849e0e6259ca2998132873948dc422ae4fddd250881d5f6f

Download | Favorite | View

Mandriva Linux Security Advisory 2009-014

Posted Jan 16, 2009

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-014 - Several vulnerabilities have been discovered in mplayer, which could allow remote attackers to execute arbitrary code via a malformed TwinVQ file. The updated packages have been patched to prevent this.

tags | advisory, remote, arbitrary, vulnerability

systems | linux, mandriva

advisories | CVE-2008-4867, CVE-2008-5616

SHA-256 | 9cfd0c318b9b2db9c34a707efe8619667451d96695a913400ed896b46a89e709

Download | Favorite | View

Mandriva Linux Security Advisory 2009-013

Posted Jan 16, 2009

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-013 - Several vulnerabilities have been discovered in mplayer, which could allow remote attackers to execute arbitrary code via a malformed TwinVQ file. The updated packages have been patched to prevent this.

tags | advisory, remote, arbitrary, vulnerability

systems | linux, mandriva

advisories | CVE-2008-4866, CVE-2008-4867, CVE-2008-5616

SHA-256 | 7719ac67074614b5de6557b6c6331ea09c6b9008d5c2b0d02d6b41879b2e538f

Download | Favorite | View