Gentoo Linux Security Advisory 201310-12 - Multiple vulnerabilities were found in FFmpeg, the worst of which might enable remote attackers to cause user-assisted execution of arbitrary code. Versions less than 1.0.7 are affected.
d23e903782e194c3e161da651dead966b61dd687650a2ec514384ffd8de17b78Mandriva Linux Security Advisory 2012-074 - Multiple vulnerabilities has been found and corrected in ffmpeg. The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. Integer signedness error in the decode_residual_inter function in cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of service via an invalid bitstream in a Chinese AVS video file, a different vulnerability than CVE-2011-3362. Various other issues have also been addressed.
18dc0b1c3f83bcd521ea58847ed494e97c63f2bb8bcd31d035718be13de786d5Mandriva Linux Security Advisory 2012-076 - Multiple vulnerabilities has been found and corrected in ffmpeg. The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. Various other issues have also been addressed.
cbe20e763ddb60533e4aa2c0372e6d26d0fcf0e0faa767ddc8c8e5d69b7d5216Mandriva Linux Security Advisory 2012-075 - Multiple vulnerabilities has been found and corrected in ffmpeg. The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. Various other issues were also addressed.
a0a8eba7465a48df476d1df9722497c093dac6a589b1c042b115c0aad4fae55bMandriva Linux Security Advisory 2012-074 - Multiple vulnerabilities has been found and corrected in ffmpeg. The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. Various other issues have also been addressed.
84d6c91018ca31f8f470c32ca860e11e8ebe2e0ced01c5cd91935701ad5dcc51Debian Linux Security Advisory 2336-1 - Multiple vulnerabilities were found in the ffmpeg, a multimedia player, server and encoder.
dc2b9970d45982b86e871fc5634a2d87ae725f935f5d8caeb23644a0f8a8994dUbuntu Security Notice 1209-2 - It was discovered that Libav incorrectly handled certain malformed ogg files. If a user were tricked into opening a crafted ogg file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that Libav incorrectly handled certain malformed AMV files. If a user were tricked into opening a crafted AMV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.
9621f95272d1d1ce829f24f5c28f2c8817f6ad5df4167d0c0cb9336fa27f9d7fUbuntu Security Notice 1209-1 - It was discovered that FFmpeg incorrectly handled certain malformed ogg files. If a user were tricked into opening a crafted ogg file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 10.10. It was discovered that FFmpeg incorrectly handled certain malformed AMV files. If a user were tricked into opening a crafted AMV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 10.10. Various other issues were also addressed.
9a25bee80cf1df7c81ece3ee62fc95b8e13a4030196ba5a3b6bf163c90a3cd58
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed