oval:org.mitre.oval:def:12955
Definition Id: oval:org.mitre.oval:def:12955 | |||
Oval ID: | oval:org.mitre.oval:def:12955 | ||
Title: | DSA-2165-1 ffmpeg-debian -- buffer overflow | ||
Description: | Several vulnerabilities have been discovered in FFmpeg coders, which are used by by MPlayer and other applications. CVE-2010-3429 Cesar Bernardini and Felipe Andres Manzano reported an arbitrary offset dereference vulnerability in the libavcodec, in particular in the flic file format parser. A specific flic file may exploit this vulnerability and execute arbitrary code. Mplayer is also affected by this problem, as well as other software that use this library. CVE-2010-4704 Greg Maxwell discovered an integer overflow the Vorbis decoder in FFmpeg. A specific ogg file may exploit this vulnerability and execute arbitrary code. CVE-2010-4705 A potential integer overflow has been discovered in the Vorbis decoder in FFmpeg. This upload also fixes an incomplete patch from DSA-2000-1. Michael Gilbert noticed that there was remaining vulnerabilities, which may cause a denial of service and potentially execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2165-1 CVE-2010-3429 CVE-2010-4704 CVE-2010-4705 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | ffmpeg-debian |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6513 | |||
Oval ID: | oval:org.mitre.oval:def:6513 | ||
Title: | Debian GNU/Linux 5.0 is installed | ||
Description: | Debian GNU/Linux 5.0 (lenny) is installed | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:debian:debian_gnu/linux:5.0 | Version: | 7 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:12955 |