Ubuntu: Security Advisory (USN-734-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD : ffmpeg -- 4xm processing memory corruption vulnerability (6733e1bf-125f-11de-a964-0030843d3802)

Secunia reports : Tobias Klein has reported a vulnerability in FFmpeg, which potentially can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to a signedness error within the 'fourxmreadheader' function in libavformat/4xm.c. This can...

USN-734-1: FFmpeg vulnerabilities

It was discovered that FFmpeg did not correctly handle certain malformed Ogg Media OGM files. If a user were tricked into opening a crafted Ogg Media file, an attacker could cause the application using FFmpeg to crash, leading to a denial of service. CVE-2008-4610 It was discovered that FFmpeg di...

FFmpeg 4xm文件解析内存破坏漏洞

BUGTRAQ ID: 33502 CVECAN ID: CVE-2009-0385 FFmpeg是一套对音频和视频进行解码录制转换的完整方案。 Fmpeg在解析畸形的4X电影文件时存在类型转换漏洞，以下是libavformat/4xm.c文件中的有漏洞代码段： .. 93 static int fourxmreadheaderAVFormatContext s, 94 AVFormatParameters ap 95 .. 103 8 int currenttrack = -1; .. 106 9 fourxm-trackcount = 0; 107 10 fourxm-tracks ...

libxine -- multiple vulnerabilities

Multiple vulnerabilities were fixed in libxine 1.1.16.2. Tobias Klein reports: FFmpeg contains a type conversion vulnerability while parsing malformed 4X movie files. The vulnerability may be exploited by a remote attacker to execute arbitrary code in the context of FFmpeg or an application using...

Integer overflow

Integer signedness error in the fourxmreadheader function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large currenttrack value, which triggers a NULL pointer dereference...

DEBIAN-CVE-2009-0385

Integer signedness error in the fourxmreadheader function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large currenttrack value, which triggers a NULL pointer dereference...

CVE-2009-0385

Integer signedness error in the fourxmreadheader function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large currenttrack value, which triggers a NULL pointer dereference...

CVE-2009-0385

Summary (CVE-2009-0385): FFmpeg’s fourxm demuxer contains an integer signedness error in libavformat/4xm.c (function fourxm_read_header). Before revision 16846, this allows a remote attacker to craft a malformed 4X movie file with a large current_track value, triggering a NULL pointer dereference...

CVE-2009-0385

Integer signedness error in the fourxmreadheader function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large currenttrack value, which triggers a NULL pointer dereference...

CVE-2009-0385

Integer signedness error in the fourxmreadheader function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large currenttrack value, which triggers a NULL pointer dereference...

[TKADV2009-004] FFmpeg Type Conversion Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory: FFmpeg Type Conversion Vulnerability Advisory ID: TKADV2009-004 Revision: 1.0 Release Date: 2009/01/28 Last Modified: 2009/01/28 Date Reported: 2009/01/25 Author: Tobias Klein tk at trapkit.de Affected Software: FFmpeg SVN trunk revision 168...

FFMpeg (VLC, MPlayer, Perian, Xine) integer overflow

Integer overflow on 4X format parsing...

ffmpeg -- 4xm processing memory corruption vulnerability

Secunia reports: Tobias Klein has reported a vulnerability in FFmpeg, which potentially can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to a signedness error within the "fourxmreadheader" function in libavformat/4xm.c. This can ...

Mandrake Security Advisory MDVSA-2009:013 (mplayer)

The remote host is missing an update to mplayer announced via advisory MDVSA-2009:013. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Mandrake Security Advisory MDVSA-2009:014 (mplayer)

The remote host is missing an update to mplayer announced via advisory MDVSA-2009:014. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Mandrake Security Advisory MDVSA-2009:014 (mplayer)

The remote host is missing an update to mplayer announced via advisory MDVSA-2009:014. OpenVAS Vulnerability Test $Id: mdksa2009014.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:014 mplayer Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

Mandrake Security Advisory MDVSA-2009:015 (ffmpeg)

The remote host is missing an update to ffmpeg announced via advisory MDVSA-2009:015. OpenVAS Vulnerability Test $Id: mdksa2009015.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:015 ffmpeg Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft In...

Mandrake Security Advisory MDVSA-2009:013 (mplayer)

The remote host is missing an update to mplayer announced via advisory MDVSA-2009:013. OpenVAS Vulnerability Test $Id: mdksa2009013.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:013 mplayer Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

Mandrake Security Advisory MDVSA-2009:015 (ffmpeg)

The remote host is missing an update to ffmpeg announced via advisory MDVSA-2009:015. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...