25 matches found
Mandriva Security Advisory MDVSA-2009:299 (xine-lib)
The remote host is missing an update to xine-lib announced via advisory MDVSA-2009:299. OpenVAS Vulnerability Test $Id: mdksa2009299.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:299 xine-lib Authors: Thomas Reinke Copyright: Copyright c 2009 E-Sof...
Mandriva Security Advisory MDVSA-2009:299 (xine-lib)
The remote host is missing an update to xine-lib announced via advisory MDVSA-2009:299. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
Mandriva Linux Security Advisory : xine-lib (MDVSA-2009:299)
Vulnerabilities have been discovered and corrected in xine-lib : - Integer overflow in the qterror parsetrakatom function in demuxers/demuxqt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom,...
FFmpeg 4xm Processing Memory Corruption (CVE-2009-0385)
FFmpeg is a set of libraries and executables that can be used to record, convert and stream digital audio and video in numerous formats. FFmpeg is a command line tool that is composed of a collection of free software / open source libraries. It includes libavcodec, an audio/video codec library us...
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : xine-lib vulnerability (USN-746-1)
It was discovered that the 4xm demuxer in xine-lib did not correctly handle a large currenttrack value in a 4xm file, resulting in an integer overflow. If a user or automated system were tricked into opening a specially crafted 4xm movie file, an attacker could crash xine-lib or possibly execute...
Ubuntu 6.06 LTS / 8.04 LTS / 8.10 : xine-lib vulnerabilities (USN-763-1)
It was discovered that the QT demuxer in xine-lib did not correctly handle a large count value in an STTS atom, resulting in a heap-based buffer overflow. If a user or automated system were tricked into opening a specially crafted MOV file, an attacker could execute arbitrary code as the user...
xine-lib
New xine-lib packages are available for Slackware 12.0, 12.1, 12.2, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2009-0385 Here are the details from the Slackware 12.2 ChangeLo...
Ubuntu: Security Advisory (USN-746-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
libxine -- multiple vulnerabilities
xine developers report: Fix another possible int overflow in the 4XM demuxer. ref. TKADV2009-004, CVE-2009-0385 Fix an integer overflow in the Quicktime demuxer...
USN-746-1: xine-lib vulnerability
It was discovered that the 4xm demuxer in xine-lib did not correctly handle a large currenttrack value in a 4xm file, resulting in an integer overflow. If a user or automated system were tricked into opening a specially crafted 4xm movie file, an attacker could crash xine-lib or possibly execute...
Ubuntu USN-734-1 (ffmpeg-debian)
The remote host is missing an update to ffmpeg-debian announced via advisory USN-734-1. OpenVAS Vulnerability Test $Id: ubuntu7341.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7341.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-734-1 ffmpeg-debian Author...
Ubuntu: Security Advisory (USN-734-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : ffmpeg -- 4xm processing memory corruption vulnerability (6733e1bf-125f-11de-a964-0030843d3802)
Secunia reports : Tobias Klein has reported a vulnerability in FFmpeg, which potentially can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to a signedness error within the 'fourxmreadheader' function in libavformat/4xm.c. This can...
USN-734-1: FFmpeg vulnerabilities
It was discovered that FFmpeg did not correctly handle certain malformed Ogg Media OGM files. If a user were tricked into opening a crafted Ogg Media file, an attacker could cause the application using FFmpeg to crash, leading to a denial of service. CVE-2008-4610 It was discovered that FFmpeg di...
CVE-2009-0698
Integer overflow in the 4xm demuxer demuxers/demux4xm.c in xine-lib 1.1.16.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a 4X movie file with a large currenttrack value, a similar issue to CVE-2009-0385...
CVE-2009-0698
Integer overflow in the 4xm demuxer demuxers/demux4xm.c in xine-lib 1.1.16.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a 4X movie file with a large currenttrack value, a similar issue to CVE-2009-0385...
Integer overflow
Integer overflow in the 4xm demuxer demuxers/demux4xm.c in xine-lib 1.1.16.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a 4X movie file with a large currenttrack value, a similar issue to CVE-2009-0385...
CVE-2009-0698
Integer overflow in the 4xm demuxer demuxers/demux4xm.c in xine-lib 1.1.16.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a 4X movie file with a large currenttrack value, a similar issue to CVE-2009-0385...
CVE-2009-0698
Technical details for CVE-2009-0698 are not publicly provided in the Connected Documents. Monitor for updates; currently, the supplied sources do not specify affected product/version/root cause/impact or fixes for this CVE.
CVE-2009-0698
Integer overflow in the 4xm demuxer demuxers/demux4xm.c in xine-lib 1.1.16.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a 4X movie file with a large currenttrack value, a similar issue to CVE-2009-0385...