Bug#407922: security tag

Steffen Joeris steffen.joeris at skolelinux.de
Tue Dec 4 11:12:08 UTC 2007


On Tue, 4 Dec 2007 10:20:59 am you wrote:
> On Tue, Dec 04, 2007, Steffen Joeris wrote:
> > I was just reading through the bugreport. Can you please elaborate, under
> > which circumstances a potential DoS can be performed? At the moment, the
> > whole issue does not sound very important, but I would like to wait for
> > your explanation :)
>  My understanding is that a SEGV while playing a MPEG file is a
>  potential security hole, as it can be exploited from videos on the web
>  or similar.
>  I didn't investigate whether this crash is exploitable.
If a Denial of Service attack can be launched, then a SEGV is a security hole, 
I was just wondering, because the security tag is set.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.alioth.debian.org/pipermail/pkg-multimedia-maintainers/attachments/20071204/f7c84f65/attachment.pgp 

More information about the pkg-multimedia-maintainers mailing list