Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.55984
Categoría:Mandrake Local Security Checks
Título:Mandrake Security Advisory MDKSA-2005:230 (mplayer)
Resumen:NOSUMMARY
Descripción:Description:

The remote host is missing an update to mplayer
announced via advisory MDKSA-2005:230.

Simon Kilvington discovered a vulnerability in FFmpeg libavcodec,
which can be exploited by malicious people to cause a DoS (Denial
of Service) and potentially to compromise a user's system.

The vulnerability is caused due to a boundary error in the
avcodec_default_get_buffer() function of utils.c in libavcodec.
This can be exploited to cause a heap-based buffer overflow when a
specially-crafted 1x1 .png file containing a palette is read.

Mplayer is built with a private copy of ffmpeg containing this
same code.

The updated packages have been patched to prevent this problem.

Affected: 2006.0, Corporate 3.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2005:230

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: BugTraq ID: 15743
Common Vulnerability Exposure (CVE) ID: CVE-2005-4048
http://www.securityfocus.com/bid/15743
Debian Security Information: DSA-1004 (Google Search)
http://www.debian.org/security/2006/dsa-1004
Debian Security Information: DSA-1005 (Google Search)
http://www.debian.org/security/2006/dsa-1005
Debian Security Information: DSA-992 (Google Search)
http://www.us.debian.org/security/2006/dsa-992
http://www.gentoo.org/security/en/glsa/glsa-200601-06.xml
http://www.gentoo.org/security/en/glsa/glsa-200602-01.xml
http://www.gentoo.org/security/en/glsa/glsa-200603-03.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:228
http://www.mandriva.com/security/advisories?name=MDKSA-2005:229
http://www.mandriva.com/security/advisories?name=MDKSA-2005:230
http://www.mandriva.com/security/advisories?name=MDKSA-2005:231
http://www.mandriva.com/security/advisories?name=MDKSA-2005:232
http://article.gmane.org/gmane.comp.video.ffmpeg.devel/26558
http://secunia.com/advisories/17892
http://secunia.com/advisories/18066
http://secunia.com/advisories/18087
http://secunia.com/advisories/18107
http://secunia.com/advisories/18400
http://secunia.com/advisories/18739
http://secunia.com/advisories/18746
http://secunia.com/advisories/19114
http://secunia.com/advisories/19192
http://secunia.com/advisories/19272
http://secunia.com/advisories/19279
https://usn.ubuntu.com/230-1/
https://usn.ubuntu.com/230-2/
http://www.vupen.com/english/advisories/2005/2770
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.