Xvid mbcoding.c Multiple Function Array Index Error Arbitrary Code Execution

2007-06-20T00:00:00
ID OSVDB:37728
Type osvdb
Reporter Trixter Jack()
Modified 2007-06-20T00:00:00

Description

Solution Description

Upgrade to version 1.1.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor Specific News/Changelog Entry: http://bugs.gentoo.org/show_bug.cgi?id=183145 Vendor Specific News/Changelog Entry: http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/bitstream/mbcoding.c Vendor Specific News/Changelog Entry: http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/bitstream/mbcoding.c?r1=1.54&r2=1.55 Secunia Advisory ID:26353 Secunia Advisory ID:25711 Other Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200708-02.xml ISS X-Force ID: 34949 CVE-2007-3329 Bugtraq ID: 24561