| Summary: | <media-video/ffmpeg-1.0.2: multiple vulnerabilities (CVE-2012-{6615,6616,6617,6618}) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | media-video |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://secunia.com/advisories/51964/ | ||
| Whiteboard: | A3 [glsa] | ||
| Package list: | Runtime testing required: | --- | |
|
Description
Agostino Sarubbo
2013-01-28 12:27:17 UTC
Nothing in the 1.0 branch <1.0.2 is in tree. This issue was resolved and addressed in GLSA 201310-12 at http://security.gentoo.org/glsa/glsa-201310-12.xml by GLSA coordinator Sean Amoss (ackle). CVE-2012-6618 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6618): The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related to frame size or lack of sufficient "frames to estimate rate." CVE-2012-6617 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6617): The prepare_sdp_description function in ffserver.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (crash) via vectors related to the rtp format. CVE-2012-6616 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6616): The mov_text_decode_frame function in libavcodec/movtextdec.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via crafted 3GPP TS 26.245 data. CVE-2012-6615 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6615): The ff_ass_split_override_codes function in libavcodec/ass_split.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a subtitle dialog without text. |
