Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name MDVSA-2014:129 First vendor Publication 2014-07-09
Vendor Mandriva Last vendor Modification 2014-07-09
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple vulnerabilities has been discovered and corrected in ffmpeg:

Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 have unknown impact and attack vectors related to (1) size of mclms arrays, (2) a get_bits(0) in decode_ac_filter, and (3) too many bits in decode_channel_residues(). (CVE-2012-2795).

libavcodec/wmalosslessdec.c in FFmpeg before 2.1.4 uses an incorrect data-structure size for certain coefficients, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted WMA data (CVE-2014-2098).

The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before 2.1.4 does not properly calculate line sizes, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Microsoft RLE video data (CVE-2014-2099).

The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) muxer (libavformat/mpegtsenc.c) in FFmpeg, possibly 2.1 and earlier, allows remote attackers to have unspecified impact and vectors, which trigger an out-of-bounds write (CVE-2014-2263).

A use-after-free vulnerability in FFmpeg before 1.1.9 involving seek operations on video data could allow remote attackers to cause a denial of service (CVE-2012-5150).

An integer overflow can occur when processing any variant of a literal run in the av_lzo1x_decode function (CVE-2014-4609, CVE-2014-4610).

The updated packages have been upgraded to the 0.10.14 version which is not vulnerable to these issues.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2014:129

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
25 % CWE-399 Resource Management Errors
25 % CWE-189 Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:16440
 
Oval ID: oval:org.mitre.oval:def:16440
Title: Use-after-free vulnerability in Google Chrome before 24.0.1312.52 via vectors involving seek operations on video data
Description: Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving seek operations on video data.
Family: windows Class: vulnerability
Reference(s): CVE-2012-5150
 Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
 Product(s): Google Chrome
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26464
 
Oval ID: oval:org.mitre.oval:def:26464
Title: DSA-3003-1 libav - security update
Description: Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. A full list of the changes is available at <a href="http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v0.8.15">http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v0.8.15</a>
Family: unix Class: patch
Reference(s): DSA-3003-1
CVE-2011-3934
CVE-2011-3935
CVE-2011-3946
CVE-2013-0848
CVE-2013-0851
CVE-2013-0852
CVE-2013-0860
CVE-2013-0868
CVE-2013-3672
CVE-2013-3674
CVE-2014-2263
 Version: 3
Platform(s): Debian GNU/Linux 7.0
Debian GNU/kFreeBSD 7.0
 Product(s): libav
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 110
Application 2685
Os 3
Os 2

Nessus® Vulnerability Scanner

Date Description
2016-03-14 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201603-06.nasl - Type : ACT_GATHER_INFO
2015-06-02 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_65b14d39d01f419cb0b85df60b929973.nasl - Type : ACT_GATHER_INFO
2015-03-31 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-173.nasl - Type : ACT_GATHER_INFO
2014-08-12 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3003.nasl - Type : ACT_GATHER_INFO
2014-07-10 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-129.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-72.nasl - Type : ACT_GATHER_INFO
2013-10-27 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201310-12.nasl - Type : ACT_GATHER_INFO
2013-09-25 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201309-16.nasl - Type : ACT_GATHER_INFO
2013-01-11 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_46bd747b5b8411e2b06d00262d5ed8ee.nasl - Type : ACT_GATHER_INFO
2013-01-10 Name : The remote host contains a web browser that is affected by multiple vulnerabi...
File : google_chrome_24_0_1312_52.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2014-07-11 13:25:12
  • Multiple Updates
2014-07-09 13:23:09
  • First insertion