Lucene search
UbuntuUSN-630-1HistoryJul 28, 2008 - 12:00 a.m.
ffmpeg vulnerability
2008-07-2800:00:00
ubuntu.com
40
7.3 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.131 Low
EPSS
Percentile
95.5%
Releases
- Ubuntu 8.04
- Ubuntu 7.10
Packages
- ffmpeg -
Details
It was discovered that ffmpeg did not correctly handle STR file
demuxing. If a user were tricked into processing a malicious STR file,
a remote attacker could execute arbitrary code with user privileges via
applications linked against ffmpeg.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 8.04 | noarch | libavformat1d | < 3:0.cvs20070307-5ubuntu7.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | ffmpeg | < 3:0.cvs20070307-5ubuntu7.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libavcodec-dev | < 3:0.cvs20070307-5ubuntu7.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libavcodec1d | < 3:0.cvs20070307-5ubuntu7.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libavformat-dev | < 3:0.cvs20070307-5ubuntu7.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libavutil-dev | < 3:0.cvs20070307-5ubuntu7.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libavutil1d | < 3:0.cvs20070307-5ubuntu7.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libpostproc-dev | < 3:0.cvs20070307-5ubuntu7.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libpostproc1d | < 3:0.cvs20070307-5ubuntu7.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libswscale-dev | < 3:0.cvs20070307-5ubuntu7.1 | UNKNOWN |
References
Related
openvas
openvas
Mandriva Update for ffmpeg MDVSA-2008:157 (ffmpeg)
2009-04-09 00:00:00
Ubuntu Update for ffmpeg vulnerability USN-630-1
2009-03-23 00:00:00
mplayer -- vulnerability in STR files processor
2009-01-20 00:00:00
nessus
nessus
Ubuntu 7.10 / 8.04 LTS : ffmpeg vulnerability (USN-630-1)
2008-07-29 00:00:00
Mandriva Linux Security Advisory : ffmpeg (MDVSA-2008:157)
2009-04-23 00:00:00
securityvulns
securityvulns
[USN-630-1] ffmpeg vulnerability
2008-07-30 00:00:00
ffmpeg library code execution
2008-07-30 00:00:00
prion
prion
Stack overflow
2008-07-14 23:41:00
debiancve
debiancve
CVE-2008-3162
2008-07-14 23:41:00
freebsd
freebsd
mplayer -- vulnerability in STR files processor
2008-07-09 00:00:00
cve
cve
CVE-2008-3162
2008-07-14 23:41:00
ubuntucve
ubuntucve
CVE-2008-3162
2008-07-14 00:00:00
debian
debian
osv
osv
ffmpeg ffmpeg-debian - arbitrary code execution
2009-04-29 00:00:00
gentoo
gentoo
MPlayer: Multiple vulnerabilities
2009-01-12 00:00:00
FFmpeg: Multiple vulnerabilities
2009-03-19 00:00:00
7.3 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.131 Low
EPSS
Percentile
95.5%
Related for USN-630-1