Debian DLA-83-1 : ffmpeg update

This update to ffmpeg disables support for over 100 codecs, decoders, and formats that are rarely used nowadays, for which the support available in squeeze is most likely insufficient, etc. This update is only meant to reduce the attack surface. ffmpeg is otherwise unsupported in squeeze-lts, and...

UBUNTU-CVE-2015-1558

Asterisk Open Source 12.x before 12.8.1 and 13.x before 13.1.1, when using the PJSIP channel driver, does not properly reclaim RTP ports, which allows remote authenticated users to cause a denial of service file descriptor consumption via an SDP offer containing only incompatible codecs...

DEBIAN-CVE-2015-1558

Asterisk Open Source 12.x before 12.8.1 and 13.x before 13.1.1, when using the PJSIP channel driver, does not properly reclaim RTP ports, which allows remote authenticated users to cause a denial of service file descriptor consumption via an SDP offer containing only incompatible codecs...

AST-2015-001: File descriptor leak when incompatible codecs are offered

Asterisk Project Security Advisory - AST-2015-001 Product Asterisk Summary File descriptor leak when incompatible codecs are offered Nature of Advisory Resource exhaustion Susceptibility Remote Authenticated Sessions Severity Major Exploits Known No Reported On 6 January, 2015 Reported By Y Ateya...

Asterisk DoS

Crash on empty WebSocket frame. File descriptor leak on incompatible codecs...

FreeBSD : asterisk -- File descriptor leak when incompatible codecs are offered (2eeb6652-a7a6-11e4-96ba-001999f8d30b)

The Asterisk project reports : Asterisk may be configured to only allow specific audio or video codecs to be used when communicating with a particular endpoint. When an endpoint sends an SDP offer that only lists codecs not allowed by Asterisk, the offer is rejected. However, in this case, RTP...

asterisk -- File descriptor leak when incompatible codecs are offered

The Asterisk project reports: Asterisk may be configured to only allow specific audio or video codecs to be used when communicating with a particular endpoint. When an endpoint sends an SDP offer that only lists codecs not allowed by Asterisk, the offer is rejected. However, in this case, RTP por...

[SECURITY] [DLA 83-1] ffmpeg update

Package : ffmpeg Version : 4:0.5.10-1+deb6u1 This update to ffmpeg disables support for over 100 codecs, decoders, and formats that are rarely used nowadays, for which the support available in squeeze is most likely insufficient, etc. This update is only meant to reduce the attack surface. ffmpeg...

DLA-83-1 ffmpeg - update

Bulletin has no description...

Intel Video Codecs 5.0 - Remote Denial of Service Vulnerability

No description provided by source...

openSUSE Security Update : Chromium (openSUSE-SU-2012:1637-1)

Chromium was updated to 25.0.1343 - Security Fixes bnc791234 and bnc792154 : - CVE-2012-5131: Corrupt rendering in the Apple OSX driver for Intel GPUs - CVE-2012-5133: Use-after-free in SVG filters. - CVE-2012-5130: Out-of-bounds read in Skia - CVE-2012-5132: Browser crash with chunked encoding -...

RealPlayer - '.3gp' File Processing Memory Corruption

source: https://www.securityfocus.com/bid/67434/info RealPlayer is prone to a memory-corruption vulnerability. An attacker can leverage this issue to crash the affected application, causing a denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible bu...

GLSA-201312-11 : Win32 Codecs: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201312-11 Win32 Codecs: User-assisted execution of arbitrary code A heap-based buffer overflow exists when handling Shockwave Flash files. Impact : A remote attacker could entice a user to open a specially crafted Flash file using...

Win32 Codecs: User-assisted execution of arbitrary code

Background Win32 Codecs is a set of Windows audio and video playback codecs. Description A heap-based buffer overflow exists when handling Shockwave Flash files. Impact A remote attacker could entice a user to open a specially crafted Flash file using a package linked against Win32 Codecs, possib...

Microsoft Windows AutoRuns Codecs

Binary data windowsautorunscodecs.nbin...

Cisco TelePresence Codecs DoS

According to the self-reported version returned by the SNMP service on the remote device, it is affected by a denial of service vulnerability that can be triggered by sending a specially crafted SIP packet. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid69047;...

SuSE Update for Chromium openSUSE-SU-2012:1637-1 (Chromium)

Check for the Version of Chromium OpenVAS Vulnerability Test $Id: gbsuse201216371.nasl 8494 2018-01-23 06:57:55Z teissa $ SuSE Update for Chromium openSUSE-SU-2012:1637-1 Chromium Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

Chromium to 25.0.1343 (important)

Chromium was updated to 25.0.1343 Security Fixes bnc791234 and bnc792154: - CVE-2012-5131: Corrupt rendering in the Apple OSX driver for Intel GPUs - CVE-2012-5133: Use-after-free in SVG filters. - CVE-2012-5130: Out-of-bounds read in Skia - CVE-2012-5132: Browser crash with chunked encoding -...

VulnCheck KEV: CVE-2010-0480

Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to execute arbitrary code via a crafted AVI file, aka "MPEG Layer-3 Audio Decoder...

Debian: Security Advisory (DSA-2494-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...