[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] [ MDVSA-2011:059 ] ffmpeg

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] [ MDVSA-2011:059 ] ffmpeg
From: security@xxxxxxxxxxxx
Date: Fri, 01 Apr 2011 20:40:00 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2011:059
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : ffmpeg
 Date    : April 1, 2011
 Affected: Corporate 4.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been identified and fixed in ffmpeg:
 
 Multiple integer underflows in FFmpeg 0.5 allow remote attackers to
 cause a denial of service and possibly execute arbitrary code via a
 crafted file that (1) bypasses a validation check in vorbis_dec.c
 and triggers a wraparound of the stack pointer, or (2) access a
 pointer from out-of-bounds memory in mov.c, related to an elst tag
 that appears before a tag that creates a stream. (CVE-2009-4634)
 
 FFmpeg 0.5 allows remote attackers to cause a denial of service and
 possibly execute arbitrary code via a crafted MOV container with
 improperly ordered tags that cause (1) mov.c and (2) utils.c to use
 inconsistent codec types and identifiers, which causes the mp3 decoder
 to process a pointer for a video structure, leading to a stack-based
 buffer overflow. (CVE-2009-4635)
 
 The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows
 remote attackers to cause a denial of service (crash) via a crafted
 AVI file that triggers a divide-by-zero error. (CVE-2009-4639)
 
 And several additional vulnerabilites originally discovered by Google
 Chrome developers were also fixed with this advisory.
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4634
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4635
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4639
 _______________________________________________________________________

 Updated Packages:

 Corporate 4.0:
 91862db1638f9bf513cba7b9896255f7  
corporate/4.0/i586/ffmpeg-0.4.9-0.pre1.5.5.20060mlcs4.i586.rpm
 db9ae743d2044534563de66c42f78682  
corporate/4.0/i586/libffmpeg0-0.4.9-0.pre1.5.5.20060mlcs4.i586.rpm
 22c09e614168dc4f18ca7bfc2a47a01d  
corporate/4.0/i586/libffmpeg0-devel-0.4.9-0.pre1.5.5.20060mlcs4.i586.rpm 
 9a07a4bbf39f8d290bf3b3525fc6c3a5  
corporate/4.0/SRPMS/ffmpeg-0.4.9-0.pre1.5.5.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 0446e21fde8d89c0da889306c462908a  
corporate/4.0/x86_64/ffmpeg-0.4.9-0.pre1.5.5.20060mlcs4.x86_64.rpm
 56242d230f030635f231d25f74ee8e10  
corporate/4.0/x86_64/lib64ffmpeg0-0.4.9-0.pre1.5.5.20060mlcs4.x86_64.rpm
 baf11eccdec3db1aab931626d4bf1ef8  
corporate/4.0/x86_64/lib64ffmpeg0-devel-0.4.9-0.pre1.5.5.20060mlcs4.x86_64.rpm 
 9a07a4bbf39f8d290bf3b3525fc6c3a5  
corporate/4.0/SRPMS/ffmpeg-0.4.9-0.pre1.5.5.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFNlfE7mqjQ0CJFipgRAjShAJ9+WFp0MtozRAP8nICGyv0wIwlrxwCgtHtq
uF+AD+fmE89UMwnzAiWiSkE=
=pNTn
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] Microsoft VISTA TCP/IP heap buffer underflow
Next by Date: Re: [Full-disclosure] ZDI-11-041: (0day) Multiple Browser Node Processing Stack Overflow Vulnerability
Previous by thread: Re: [Full-disclosure] Microsoft VISTA TCP/IP heap buffer underflow
Next by thread: [Full-disclosure] [ MDVSA-2011:060 ] ffmpeg
Index(es):
- Date
- Thread