Mandriva Linux Security Advisory 2009-297 - The ffmpeg lavf demuxer allows user-assisted attackers to cause a denial of service (application crash) via a crafted GIF file. FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers to cause a denial of service (memory consumption) via unknown vectors, aka a Tcp/udp memory leak. Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large current_track value, which triggers a NULL pointer dereference. The updated packages fix this issue. Packages for 2008.0 are being provided due to extended support for Corporate products.
399de3d48aefe63c636341791c67933f4330163a3ee1fafa670fd321d9327c03Mandriva Linux Security Advisory 2009-297 - The ffmpeg lavf demuxer allows user-assisted attackers to cause a denial of service (application crash) via a crafted GIF file. FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers to cause a denial of service (memory consumption) via unknown vectors, aka a Tcp/udp memory leak. Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large current_track value, which triggers a NULL pointer dereference. The updated packages fix this issue.
52cf9ea61bd4c6ecdc805d07ea7144e9a4e7ca015433a7ece41d5a0a0a789d34Debian Security Advisory 1782-1 - Several vulnerabilities have been discovered in mplayer, a movie player for Unix-like systems.
ab45a988a3319574a71c625778a4441b1a197bf19918be539f70c5720add5dd7Debian Security Advisory 1781-1 - Several vulnerabilities have been discovered in ffmpeg, a multimedia player, server and encoder.
ffc625bd60046ffa450d5486a03b15d37373cd07c757e7b76e3ff2fde794b237Gentoo Linux Security Advisory GLSA 200903-33 - Multiple vulnerabilities in FFmpeg may lead to the remote execution of arbitrary code or a Denial of Service. Versions less than 0.4.9_p20090201 are affected.
2e7fe0c9e6d617ee63532c22950f83623c514d7da4bb23685213a080f9af5e9fUbuntu Security Notice USN-734-1 - It was discovered that FFmpeg did not correctly handle certain malformed Ogg Media (OGM) files. If a user were tricked into opening a crafted Ogg Media file, an attacker could cause the application using FFmpeg to crash, leading to a denial of service. It was discovered that FFmpeg did not correctly handle certain parameters when creating DTS streams. If a user were tricked into processing certain commands, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.10. It was discovered that FFmpeg did not correctly handle certain malformed DTS Coherent Acoustics (DCA) files. If a user were tricked into opening a crafted DCA file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that FFmpeg did not correctly handle certain malformed 4X movie (4xm) files. If a user were tricked into opening a crafted 4xm file, an attacker could execute arbitrary code with the privileges of the user invoking the program.
5537267f70415650662292211f6955cbc9cb714e91da9e07fce11f6086570d49
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed