9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
Several vulnerabilities have been discovered in FFmpeg coders, which are used
by MPlayer and other applications.
This upload also fixes an incomplete patch from DSA-2000-1. Michael Gilbert
noticed that there was remaining vulnerabilities, which may cause a denial of
service and potentially execution of arbitrary code.
For the oldstable distribution (lenny), this problem has been fixed in
version 0.svn20080206-18+lenny3.
We recommend that you upgrade your ffmpeg-debian packages.