Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.55984
Kategorie:Mandrake Local Security Checks
Titel:Mandrake Security Advisory MDKSA-2005:230 (mplayer)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing an update to mplayer
announced via advisory MDKSA-2005:230.

Simon Kilvington discovered a vulnerability in FFmpeg libavcodec,
which can be exploited by malicious people to cause a DoS (Denial
of Service) and potentially to compromise a user's system.

The vulnerability is caused due to a boundary error in the
avcodec_default_get_buffer() function of utils.c in libavcodec.
This can be exploited to cause a heap-based buffer overflow when a
specially-crafted 1x1 .png file containing a palette is read.

Mplayer is built with a private copy of ffmpeg containing this
same code.

The updated packages have been patched to prevent this problem.

Affected: 2006.0, Corporate 3.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2005:230

Risk factor : High

CVSS Score:
7.5

Querverweis: BugTraq ID: 15743
Common Vulnerability Exposure (CVE) ID: CVE-2005-4048
http://www.securityfocus.com/bid/15743
Debian Security Information: DSA-1004 (Google Search)
http://www.debian.org/security/2006/dsa-1004
Debian Security Information: DSA-1005 (Google Search)
http://www.debian.org/security/2006/dsa-1005
Debian Security Information: DSA-992 (Google Search)
http://www.us.debian.org/security/2006/dsa-992
http://www.gentoo.org/security/en/glsa/glsa-200601-06.xml
http://www.gentoo.org/security/en/glsa/glsa-200602-01.xml
http://www.gentoo.org/security/en/glsa/glsa-200603-03.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:228
http://www.mandriva.com/security/advisories?name=MDKSA-2005:229
http://www.mandriva.com/security/advisories?name=MDKSA-2005:230
http://www.mandriva.com/security/advisories?name=MDKSA-2005:231
http://www.mandriva.com/security/advisories?name=MDKSA-2005:232
http://article.gmane.org/gmane.comp.video.ffmpeg.devel/26558
http://secunia.com/advisories/17892
http://secunia.com/advisories/18066
http://secunia.com/advisories/18087
http://secunia.com/advisories/18107
http://secunia.com/advisories/18400
http://secunia.com/advisories/18739
http://secunia.com/advisories/18746
http://secunia.com/advisories/19114
http://secunia.com/advisories/19192
http://secunia.com/advisories/19272
http://secunia.com/advisories/19279
https://usn.ubuntu.com/230-1/
https://usn.ubuntu.com/230-2/
http://www.vupen.com/english/advisories/2005/2770
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.