Lucene search
UbuntuUSN-230-2HistoryDec 16, 2005 - 12:00 a.m.
ffmpeg/xine-lib vulnerability
2005-12-1600:00:00
ubuntu.com
29
Releases
- Ubuntu 5.10
- Ubuntu 5.04
- Ubuntu 4.10
Details
USN-230-1 fixed a vulnerability in the ffmpeg library. The Xine
library contains a copy of the ffmpeg code, thus it is vulnerable to
the same flaw.
For reference, this is the original advisory:
Simon Kilvington discovered a buffer overflow in the
avcodec_default_get_buffer() function of the ffmpeg library. By
tricking an user into opening a malicious movie which contains
specially crafted PNG images, this could be exploited to execute
arbitrary code with the user’s privileges.
References
Related
nessus
nessus
Ubuntu 4.10 / 5.04 / 5.10 : xine-lib vulnerability (USN-230-2)
2006-01-21 00:00:00
Mandrake Linux Security Advisory : gstreamer-ffmpeg (MDKSA-2005:232)
2006-01-15 00:00:00
Debian DSA-1005-1 : xine-lib - buffer overflow
2006-10-14 00:00:00
openvas
openvas
Debian Security Advisory DSA 1004-1 (vlc)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1005-1)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1004-1)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 992-1] New ffmpeg packages fix arbitrary code execution
2006-03-10 00:00:00
[SECURITY] [DSA 1005-1] New xine-lib packages fix arbitrary code execution
2006-03-16 00:00:00
[SECURITY] [DSA 1005-1] New xine-lib packages fix arbitrary code execution
2006-03-16 21:54:34
securityvulns
securityvulns
cvelist
cvelist
gentoo
gentoo
xine-lib, FFmpeg: Heap-based buffer overflow
2006-01-10 00:00:00
GStreamer FFmpeg plugin: Heap-based buffer overflow
2006-02-05 00:00:00
MPlayer: Multiple integer overflows
2006-03-04 00:00:00
ubuntu
ubuntu
ffmpeg vulnerability
2005-12-15 00:00:00
osv
osv
vlc - buffer overflow
2006-03-16 00:00:00
xine-lib - buffer overflow
2006-03-16 00:00:00
debiancve
debiancve
CVE-2005-4048
2005-12-07 11:03:00
CVE-2006-4800
2006-09-14 22:07:00
cve
cve
ubuntucve
ubuntucve
slackware
slackware
[slackware-security] xine-lib
2006-07-26 21:25:49