Lucene search
RootSSV:20447HistoryApr 08, 2011 - 12:00 a.m.
FFmpeg畸形".wmv"文件解析内存破坏远程代码执行漏洞
2011-04-0800:00:00
Root
www.seebug.org
15
0.019 Low
EPSS
Percentile
87.3%
BUGTRAQ ID: 47147
CVE ID: CVE-2010-3908
FFmpeg是一个自由软件,可以执行音讯和视讯多种格式的录影、转档、串流功能,包含了libavcodec ─这是一个用于多个专案中音讯和视讯的解码器函式库,以及 libavformat ——一个音讯与视讯格式转换函式库。
FFmpeg在解析畸形.wmv文件时存在内存破坏远程代码执行漏洞,远程攻击者可利用此漏洞在受影响应用程序中执行任意代码或造成拒绝服务。
Ubuntu Linux 9.x
Ubuntu Linux 8.x
Ubuntu Linux 10.x
FFmpeg FFmpeg <= 0.5.4
厂商补丁:
FFmpeg
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Related
ubuntucve
ubuntucve
CVE-2010-3908
2011-02-16 00:00:00
cve
cve
CVE-2010-3908
2011-05-20 22:55:00
debiancve
debiancve
CVE-2010-3908
2011-05-20 22:55:00
prion
prion
Memory corruption
2011-05-20 22:55:00
osv
osv
ffmpeg - several
2011-09-11 00:00:00
debian
debian
[SECURITY] [DSA 2306-1] ffmpeg security update
2011-09-11 17:17:22
[SECURITY] [DSA 2306-1] ffmpeg security update
2011-09-11 17:17:22
nessus
nessus
Debian DSA-2306-1 : ffmpeg - several vulnerabilities
2011-09-12 00:00:00
Mandriva Linux Security Advisory : ffmpeg (MDVSA-2011:061)
2011-04-04 00:00:00
openvas
openvas
Debian Security Advisory DSA 2306-1 (ffmpeg)
2011-09-21 00:00:00
Ubuntu Update for ffmpeg vulnerabilities USN-1104-1
2011-04-06 00:00:00
Ubuntu: Security Advisory (USN-1104-1)
2011-04-06 00:00:00
securityvulns
securityvulns
[USN-1104-1] FFmpeg vulnerabilities
2011-04-05 00:00:00
ubuntu
ubuntu
FFmpeg vulnerabilities
2011-04-04 00:00:00
gentoo
gentoo
FFmpeg: Multiple vulnerabilities
2013-10-25 00:00:00