oval:org.mitre.oval:def:12955
| Definition Id: oval:org.mitre.oval:def:12955 | |||
| Oval ID: | oval:org.mitre.oval:def:12955 | ||
| Title: | DSA-2165-1 ffmpeg-debian -- buffer overflow | ||
| Description: | Several vulnerabilities have been discovered in FFmpeg coders, which are used by by MPlayer and other applications. CVE-2010-3429 Cesar Bernardini and Felipe Andres Manzano reported an arbitrary offset dereference vulnerability in the libavcodec, in particular in the flic file format parser. A specific flic file may exploit this vulnerability and execute arbitrary code. Mplayer is also affected by this problem, as well as other software that use this library. CVE-2010-4704 Greg Maxwell discovered an integer overflow the Vorbis decoder in FFmpeg. A specific ogg file may exploit this vulnerability and execute arbitrary code. CVE-2010-4705 A potential integer overflow has been discovered in the Vorbis decoder in FFmpeg. This upload also fixes an incomplete patch from DSA-2000-1. Michael Gilbert noticed that there was remaining vulnerabilities, which may cause a denial of service and potentially execution of arbitrary code. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2165-1 CVE-2010-3429 CVE-2010-4704 CVE-2010-4705 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | ffmpeg-debian |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6513 | |||
| Oval ID: | oval:org.mitre.oval:def:6513 | ||
| Title: | Debian GNU/Linux 5.0 is installed | ||
| Description: | Debian GNU/Linux 5.0 (lenny) is installed | ||
| Family: | unix | Class: | inventory |
| Reference(s): | cpe:/o:debian:debian_gnu/linux:5.0 | Version: | 7 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | |
| Definition Synopsis: | |||
| Referenced By: | |||
| oval:org.mitre.oval:def:12955 | |||
