‫ FFmpeg Multiple Vulnerabilities

IRCAD2013092890
ID: IRCAD2013092890
Release Date: 2013-09-16
Criticality level: Highly critical
Software:
FFmpeg 2.x
Description:
Multiple vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
1) An error within the "avpriv_dv_produce_packet()" function (libavformat/dv.c) can be exploited to trigger an out-of-bounds memory read access and subsequently cause a crash.
2) An error within the "smacker_decode_header_tree()" function (libavcodec/smacker.c) can be exploited to trigger an out-of-bounds memory access.
3) An integer overflow error within the "smacker_read_packet()" function (libavformat/smacker.c) can be exploited to cause a heap-based buffer overflow.
4) An error exists within the "cin_read_frame_header()" function (libavformat/dsicin.c).
5) An error within the "g2m_load_cursor()" function (libavcodec/g2meet.c) can be exploited to corrupt memory.
6) An integer overflow error within the "mpc8_parse_seektable()" function (libavformat/mpc8.c) can be exploited to cause a heap-based buffer overflow.
7) A boundary error within the "decode_frame()" function (libavcodec/zmbv.c) can be exploited to cause a memory corruption.
8) An error within the "decode_wave_header()" function (libavcodec/shorten.c) can be exploited to cause a crash.
Successful exploitation of vulnerabilities #3, #4, #5, #6, and #7 may allow execution of arbitrary code.
Solution
Fixed in the GIT repository.
References:
Secunia
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 27 شهریور 1392

امتیاز

امتیاز شما
تعداد امتیازها:0