Ubuntu 4.10 / 5.04 / 5.10 : xine-lib vulnerability (USN-230-2)

USN-230-1 fixed a vulnerability in the ffmpeg library. The Xine library contains a copy of the ffmpeg code, thus it is vulnerable to the same flaw. For reference, this is the original advisory : Simon Kilvington discovered a buffer overflow in the avcodecdefaultgetbuffer function of the ffmpeg...

Ubuntu 5.04 : ffmpeg vulnerability (USN-230-1)

Simon Kilvington discovered a buffer overflow in the avcodecdefaultgetbuffer function of the ffmpeg library. By tricking an user into opening a malicious movie which contains specially crafted PNG images, this could be exploited to execute arbitrary code with the user's privileges. Note that...

USN-230-2: ffmpeg/xine-lib vulnerability

USN-230-1 fixed a vulnerability in the ffmpeg library. The Xine library contains a copy of the ffmpeg code, thus it is vulnerable to the same flaw. For reference, this is the original advisory: Simon Kilvington discovered a buffer overflow in the avcodecdefaultgetbuffer function of the ffmpeg...

USN-230-1: ffmpeg vulnerability

Simon Kilvington discovered a buffer overflow in the avcodecdefaultgetbuffer function of the ffmpeg library. By tricking an user into opening a malicious movie which contains specially crafted PNG images, this could be exploited to execute arbitrary code with the user's privileges...

CVE-2005-4048

Heap-based buffer overflow in the avcodecdefaultgetbuffer function utils.c in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as 1 mplayer, 2 xine-lib, 3 Xmovie, and 4 GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes...