Bug#407922: security tag
Steffen Joeris
steffen.joeris at skolelinux.de
Tue Dec 4 11:12:08 UTC 2007
Hi
On Tue, 4 Dec 2007 10:20:59 am you wrote:
> On Tue, Dec 04, 2007, Steffen Joeris wrote:
> > I was just reading through the bugreport. Can you please elaborate, under
> > which circumstances a potential DoS can be performed? At the moment, the
> > whole issue does not sound very important, but I would like to wait for
> > your explanation :)
>
> My understanding is that a SEGV while playing a MPEG file is a
> potential security hole, as it can be exploited from videos on the web
> or similar.
>
> I didn't investigate whether this crash is exploitable.
If a Denial of Service attack can be launched, then a SEGV is a security hole,
yes.
I was just wondering, because the security tag is set.
Cheers
Steffen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.alioth.debian.org/pipermail/pkg-multimedia-maintainers/attachments/20071204/f7c84f65/attachment.pgp
More information about the pkg-multimedia-maintainers
mailing list