Mandriva Update for mplayer MDVSA-2011:088 (mplayer)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

NGS00068 Patch Notification: LibAVCodec AMV Out of Array Write

LibAVCodec AMV Out of Array Write 27/04/2011 Dominic Chell of NGS Secure has discovered a high risk vulnerability in LibAVCodec. Opening a malformed AMV file can result in an out of array write and potentially arbitrary code execution when using this library. Whilst the vulnerability may affect...

NGS00068 Patch Notification: LibAVCodec AMV Out of Array Write

LibAVCodec AMV Out of Array Write 27/04/2011 Dominic Chell of NGS Secure has discovered a high risk vulnerability in LibAVCodec. Opening a malformed AMV file can result in an out of array write and potentially arbitrary code execution when using this library. Whilst the vulnerability may affect...

NGS00068 Patch Notification: LibAVCodec AMV Out of Array Write

LibAVCodec AMV Out of Array Write 27/04/2011 Dominic Chell of NGS Secure has discovered a high risk vulnerability in LibAVCodec. Opening a malformed AMV file can result in an out of array write and potentially arbitrary code execution when using this library. Whilst the vulnerability may affect...

Mandriva Linux Security Advisory : ffmpeg (MDVSA-2011:060)

Multiple vulnerabilities has been identified and fixed in ffmpeg : oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an...

[SECURITY] [DSA 2165-1] ffmpeg-debian security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2165-1 [email protected] http://www.debian.org/security/ Luciano Bello February 16, 2011 http://www.debian.org/security/faq -...

DSA-2165-1 ffmpeg-debian - buffer overflow

Bulletin has no description...

CVE-2010-4704

libavcodec/vorbisdec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service application crash via a crafted .ogg file, related to the vorbisfloor0decode function. NOTE: this might overlap CVE-2011-0480...

Integer overflow

Integer overflow in the vorbisresiduedecodeinternal function in libavcodec/vorbisdec.c in the Vorbis decoder in FFmpeg, possibly 0.6, has unspecified impact and remote attack vectors, related to the sizes of certain integer data types. NOTE: this might overlap CVE-2011-0480...

CVE-2010-4704

CVE-2010-4704 affects FFmpeg prior to 0.6.1, specifically the Vorbis decoder (libavcodec/vorbis_dec.c). A crafted .ogg file can trigger a denial-of-service (application crash) due to issues in vorbis_floor0_decode. Exploitation is remote and requires no user interaction. The issue is documented a...

CVE-2010-4704

libavcodec/vorbisdec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service application crash via a crafted .ogg file, related to the vorbisfloor0decode function. NOTE: this might overlap CVE-2011-0480...

CVE-2010-3429

flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."...

DEBIAN-CVE-2010-3429

flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."...

Design/Logic Flaw

flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."...

CVE-2010-3429

CVE-2010-3429 affects FFmpeg’s libavcodec (0.6 and earlier) used by MPlayer and other apps. The flaw resides in flic file processing, enabling remote code execution via a crafted flic, related to an arbitrary offset dereference. Public advisories (GLSA 2013-10-12/13 and related OpenVAS entries) g...

CVE-2010-3429

flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."...

CVE-2010-3429

flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."...

CVE-2010-3429

flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."...

FFmpeg libavcodec / MPlayer buffer overflow

Buffer overflow on flic format parsing...

[oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference

2010-004 FFmpeg/libavcodec arbitrary offset dereference Description: The libavcodec library, an open source video encoding/decoding library part of the FFmpeg project, suffers from an arbitrary offset dereference vulnerability. The vulnerability affects the flic file format parser, insufficient...