Debian Linux Security Advisory 2306-1 - Several vulnerabilities have been discovered in ffmpeg, a multimedia player, server and encoder.
676ce5d49d1c7f5b5de00794b0a6d51d6f17cb7e729b9a3e627584fc51928f6fUbuntu Security Notice 1104-1 - Cesar Bernardini and Felipe Andres Manzano discovered that FFmpeg incorrectly handled certain malformed flic files. Dan Rosenberg discovered that FFmpeg incorrectly handled certain malformed wmv files. It was discovered that FFmpeg incorrectly handled certain malformed ogg files. It was discovered that FFmpeg incorrectly handled certain malformed WebM files. Dan Rosenberg discovered that FFmpeg incorrectly handled certain malformed RealMedia files. Dan Rosenberg discovered that FFmpeg incorrectly handled certain malformed VC1 files.
3e6c89dc86b21f60e492841d1b3209709f3e92b20a589bdfd798814dd3503394Mandriva Linux Security Advisory 2011-061 - oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read. vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow. Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that bypasses a validation check in vorbis_dec.c and triggers a wraparound of the stack pointer, or access a pointer from out-of-bounds memory in mov.c, related to an elst tag that appears before a tag that creates a stream. FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause utils.c to use inconsistent codec types and identifiers, which causes the mp3 decoder to process a pointer for a video structure, leading to a stack-based buffer overflow. FFmpeg 0.5 allows remote attackers to cause a denial of service via a crafted file that triggers an infinite loop. The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service via a crafted AVI file that triggers a divide-by-zero error. Array index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read. flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an arbitrary offset dereference vulnerability. Fix memory corruption in WMV parsing. libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service via a crafted.ogg file, related to the vorbis_floor0_decode function. Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted WebM file, related to buffers for Fix heap corruption crashes. Fix invalid reads in VC-1 decoding. And several additional vulnerabilities originally discovered by Google Chrome developers were also fixed with this advisory. The updated packages have been patched to correct these issues.
d6c3a6eef98903a7ea2ba82b2d03e09f18e14c6a66027b06acba91c42c4f166e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed