11 matches found
Mandriva Linux Security Advisory : ffmpeg (MDVSA-2011:060)
Multiple vulnerabilities has been identified and fixed in ffmpeg : oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an...
CVE-2009-4633
vorbisdec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow...
CVE-2009-4634
Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that 1 bypasses a validation check in vorbisdec.c and triggers a wraparound of the stack pointer, or 2 access a pointer from out-of-bounds memory in...
Heap overflow
vorbisdec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow...
CVE-2009-4633
vorbisdec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow...
CVE-2009-4634
Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that 1 bypasses a validation check in vorbisdec.c and triggers a wraparound of the stack pointer, or 2 access a pointer from out-of-bounds memory in...
CVE-2009-4633
FFmpeg 0.5 is affected by CVE-2009-4633: vorbis_dec.c contains an assignment operator where a comparison was intended, enabling a crafted file to trigger a heap-based buffer overflow, potentially causing DoS or arbitrary code execution. Mandriva/OpenVAS advisories reference FFmpeg-related fixes i...
CVE-2009-4634
Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that 1 bypasses a validation check in vorbisdec.c and triggers a wraparound of the stack pointer, or 2 access a pointer from out-of-bounds memory in...
CVE-2009-4634
The CVE-2009-4634 issue is a vulnerability in FFmpeg 0.5 involving multiple integer underflows that allow a remote attacker to cause a denial of service and potentially execute arbitrary code via crafted files. Specifically, one vector bypasses a validation in vorbis_dec.c causing a stack pointer...
CVE-2009-4633
vorbisdec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow...
CVE-2009-4633
vorbisdec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow...