Bug#524805: mplayer: CVE-2009-0385 integer signedness error
Reinhard Tartler
siretart at tauware.de
Sat Apr 17 17:04:36 UTC 2010
found 524805 1.0~rc2-17+lenny3
notfound 524805 1.0~rc3+svn20090405-1
stop
On Mon, Apr 20, 2009 at 04:00:15 (CEST), Michael S. Gilbert wrote:
> The following CVE (Common Vulnerabilities & Exposures) id was
> published for mplayer.
>
> CVE-2009-0385[0]:
> | Integer signedness error in the fourxm_read_header function in
> | libavformat/4xm.c in FFmpeg before revision 16846 allows remote
> | attackers to execute arbitrary code via a malformed 4X movie file with
> | a large current_track value, which triggers a NULL pointer
> | dereference.
>
> See fedora security announcement for more details [1].
>
> Please coordinate with the security team to prepare updated packages
> for the stable releases.
Fortunately, this does not affect the version in squeeze, 'only' the
version in stable. This patch should fix the issue:
http://git.ffmpeg.org/?p=ffmpeg;a=commitdiff;h=72e715fb798f2cb79fd24a6d2eaeafb7c6eeda17
--
Gruesse/greetings,
Reinhard Tartler, KeyID 945348A4
More information about the pkg-multimedia-maintainers
mailing list