Mandrake Linux Security Advisory : xmovie (MDKSA-2005:229)

Simon Kilvington discovered a vulnerability in FFmpeg libavcodec, which can be exploited by malicious people to cause a DoS Denial of Service and potentially to compromise a user's system. The vulnerability is caused due to a boundary error in the 'avcodecdefaultgetbuffer' function of 'utils.c' i...

Mandrake Linux Security Advisory : ffmpeg (MDKSA-2005:231)

Simon Kilvington discovered a vulnerability in FFmpeg libavcodec, which can be exploited by malicious people to cause a DoS Denial of Service and potentially to compromise a user's system. The vulnerability is caused due to a boundary error in the 'avcodecdefaultgetbuffer' function of 'utils.c' i...

GLSA-200601-06 : xine-lib, FFmpeg: Heap-based buffer overflow

The remote host is affected by the vulnerability described in GLSA-200601-06 xine-lib, FFmpeg: Heap-based buffer overflow Simon Kilvington has reported a vulnerability in FFmpeg libavcodec. The flaw is due to a buffer overflow error in the 'avcodecdefaultgetbuffer' function. This function doesn't...

Mandrake Linux Security Advisory : mplayer (MDKSA-2005:230)

Simon Kilvington discovered a vulnerability in FFmpeg libavcodec, which can be exploited by malicious people to cause a DoS Denial of Service and potentially to compromise a user's system. The vulnerability is caused due to a boundary error in the 'avcodecdefaultgetbuffer' function of 'utils.c' i...

xine-lib, FFmpeg: Heap-based buffer overflow

Background xine is a GPL high-performance, portable and reusable multimedia playback engine. xine-lib is xine's core engine. FFmpeg is a very fast video and audio converter and is used in xine-lib. Description Simon Kilvington has reported a vulnerability in FFmpeg libavcodec. The flaw is due to ...

USN-230-2: ffmpeg/xine-lib vulnerability

USN-230-1 fixed a vulnerability in the ffmpeg library. The Xine library contains a copy of the ffmpeg code, thus it is vulnerable to the same flaw. For reference, this is the original advisory: Simon Kilvington discovered a buffer overflow in the avcodecdefaultgetbuffer function of the ffmpeg...

MDKSA-2005:231 - Updated ffmpeg packages fix buffer overflow vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2005:231 http://www.mandriva.com/security/ Package : ffmpeg Date : December 14, 2005 Affected: 2006.0, Corporate 3.0 Problem Description: Simon Kilvington discovered a vulnerability in FFmpeg libavcodec, which ca...

MDKSA-2005:228 - Updated xine-lib packages fix buffer overflow vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2005:228 http://www.mandriva.com/security/ Package : xine-lib Date : December 14, 2005 Affected: 2006.0, Corporate 3.0 Problem Description: Simon Kilvington discovered a vulnerability in FFmpeg libavcodec, which...

MDKSA-2005:232 - Updated gstreamer-ffmpeg packages fix buffer overflow vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2005:232 http://www.mandriva.com/security/ Package : gstreamer-ffmpeg Date : December 14, 2005 Affected: 2006.0 Problem Description: Simon Kilvington discovered a vulnerability in FFmpeg libavcodec, which can be...

MDKSA-2005:229 - Updated xmovie packages fix buffer overflow vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2005:229 http://www.mandriva.com/security/ Package : xmovie Date : December 14, 2005 Affected: 2006.0, Corporate 3.0 Problem Description: Simon Kilvington discovered a vulnerability in FFmpeg libavcodec, which ca...

MDKSA-2005:230 - Updated mplayer packages fix buffer overflow vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2005:230 http://www.mandriva.com/security/ Package : mplayer Date : December 14, 2005 Affected: 2006.0, Corporate 3.0 Problem Description: Simon Kilvington discovered a vulnerability in FFmpeg libavcodec, which c...

USN-230-1: ffmpeg vulnerability

Simon Kilvington discovered a buffer overflow in the avcodecdefaultgetbuffer function of the ffmpeg library. By tricking an user into opening a malicious movie which contains specially crafted PNG images, this could be exploited to execute arbitrary code with the user's privileges...

CVE-2005-4048

Heap-based buffer overflow in the avcodecdefaultgetbuffer function utils.c in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as 1 mplayer, 2 xine-lib, 3 Xmovie, and 4 GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes...

CVE-2005-4048

Heap-based buffer overflow in the avcodecdefaultgetbuffer function utils.c in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as 1 mplayer, 2 xine-lib, 3 Xmovie, and 4 GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes...

CVE-2005-4048

CVE-2005-4048 is corroborated across OpenVAS/Gentoo/Ubuntu advisories tied to FFmpeg libavcodec up to 0.4.9-pre1 and earlier. A heap-based buffer overflow in avcodec_default_get_buffer (utils.c) can be triggered by crafted small PNG images with palettes, potentially enabling remote command execut...

CVE-2005-4048

Heap-based buffer overflow in the avcodecdefaultgetbuffer function utils.c in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as 1 mplayer, 2 xine-lib, 3 Xmovie, and 4 GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes...

CVE-2005-4048

Heap-based buffer overflow in the avcodecdefaultgetbuffer function utils.c in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as 1 mplayer, 2 xine-lib, 3 Xmovie, and 4 GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes...

ffmpeg -- libavcodec buffer overflow vulnerability

Secunia reports: Simon Kilvington has reported a vulnerability in FFmpeg libavcodec, which can be exploited by malicious people to cause a DoS Denial of Service and potentially to compromise a user's system. The vulnerability is caused due to a boundary error in the "avcodecdefaultgetbuffer"...