exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2008-4867

Status Candidate

Overview

Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as used by MPlayer, allows context-dependent attackers to have an unknown impact via vectors related to an incorrect DCA_MAX_FRAME_SIZE value.

Related Files

Gentoo Linux Security Advisory 200903-33
Posted Mar 20, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200903-33 - Multiple vulnerabilities in FFmpeg may lead to the remote execution of arbitrary code or a Denial of Service. Versions less than 0.4.9_p20090201 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2008-3162, CVE-2008-4866, CVE-2008-4867, CVE-2008-4868, CVE-2008-4869, CVE-2009-0385
SHA-256 | 2e7fe0c9e6d617ee63532c22950f83623c514d7da4bb23685213a080f9af5e9f
Ubuntu Security Notice 734-1
Posted Mar 16, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-734-1 - It was discovered that FFmpeg did not correctly handle certain malformed Ogg Media (OGM) files. If a user were tricked into opening a crafted Ogg Media file, an attacker could cause the application using FFmpeg to crash, leading to a denial of service. It was discovered that FFmpeg did not correctly handle certain parameters when creating DTS streams. If a user were tricked into processing certain commands, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.10. It was discovered that FFmpeg did not correctly handle certain malformed DTS Coherent Acoustics (DCA) files. If a user were tricked into opening a crafted DCA file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that FFmpeg did not correctly handle certain malformed 4X movie (4xm) files. If a user were tricked into opening a crafted 4xm file, an attacker could execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2008-4610, CVE-2008-4866, CVE-2008-4867, CVE-2009-0385
SHA-256 | 5537267f70415650662292211f6955cbc9cb714e91da9e07fce11f6086570d49
Mandriva Linux Security Advisory 2009-015
Posted Jan 16, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-015 - Several vulnerabilities have been discovered in ffmpeg, related to the execution of DTS generation code. The updated packages have been patched to prevent this.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2008-4866, CVE-2008-4867
SHA-256 | abc7444b27f44aca849e0e6259ca2998132873948dc422ae4fddd250881d5f6f
Mandriva Linux Security Advisory 2009-014
Posted Jan 16, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-014 - Several vulnerabilities have been discovered in mplayer, which could allow remote attackers to execute arbitrary code via a malformed TwinVQ file. The updated packages have been patched to prevent this.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2008-4867, CVE-2008-5616
SHA-256 | 9cfd0c318b9b2db9c34a707efe8619667451d96695a913400ed896b46a89e709
Mandriva Linux Security Advisory 2009-013
Posted Jan 16, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-013 - Several vulnerabilities have been discovered in mplayer, which could allow remote attackers to execute arbitrary code via a malformed TwinVQ file. The updated packages have been patched to prevent this.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2008-4866, CVE-2008-4867, CVE-2008-5616
SHA-256 | 7719ac67074614b5de6557b6c6331ea09c6b9008d5c2b0d02d6b41879b2e538f
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close