[<prev] [next>] [<thread-prev] [month] [year] [list]
Date: Mon, 9 Feb 2009 19:53:39 -0500 (EST)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request: ffmpeg <r16846 Type conversion
vulnerability
======================================================
Name: CVE-2009-0385
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0385
Reference: BUGTRAQ:20090128 [TKADV2009-004] FFmpeg Type Conversion Vulnerability
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/500514/100/0/threaded
Reference: MISC:http://www.trapkit.de/advisories/TKADV2009-004.txt
Reference: CONFIRM:http://git.ffmpeg.org/?p=ffmpeg;a=commitdiff;h=72e715fb798f2cb79fd24a6d2eaeafb7c6eeda17
Reference: CONFIRM:http://svn.mplayerhq.hu/ffmpeg/trunk/libavformat/4xm.c?r1=16838&r2=16846&pathrev=16846
Reference: CONFIRM:http://svn.mplayerhq.hu/ffmpeg?view=rev&revision=16846
Reference: BID:33502
Reference: URL:http://www.securityfocus.com/bid/33502
Reference: FRSIRT:ADV-2009-0277
Reference: URL:http://www.frsirt.com/english/advisories/2009/0277
Reference: OSVDB:51643
Reference: URL:http://osvdb.org/51643
Reference: SECUNIA:33711
Reference: URL:http://secunia.com/advisories/33711
Reference: XF:ffmpeg-fourxmreadheader-code-execution(48330)
Reference: URL:http://xforce.iss.net/xforce/xfdb/48330
Integer signedness error in the fourxm_read_header function in
libavformat/4xm.c in FFmpeg before revision 16846 allows remote
attackers to execute arbitrary code via a malformed 4X movie file with
a large current_track value, which triggers a NULL pointer
dereference.
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Powered by Openwall GNU/*/Linux -
Powered by OpenVZ