Mandrake Local Security Checks : Mandrake Security Advisory MDVSA-2009:015 (ffmpeg)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.63201

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDVSA-2009:015 (ffmpeg)

Resumen: The remote host is missing an update to ffmpeg;announced via advisory MDVSA-2009:015.

Descripción: Summary:
The remote host is missing an update to ffmpeg
announced via advisory MDVSA-2009:015.

Vulnerability Insight:
Several vulnerabilities have been discovered in ffmpeg, related to
the execution of DTS generation code (CVE-2008-4866) and incorrect
handling of DCA_MAX_FRAME_SIZE value (CVE-2008-4867).

The updated packages have been patched to prevent this.

Affected: 2008.0, 2008.1, 2009.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-4866
BugTraq ID: 33308
http://www.securityfocus.com/bid/33308
Debian Security Information: DSA-1782 (Google Search)
http://www.debian.org/security/2009/dsa-1782
http://archives.neohapsis.com/archives/fulldisclosure/2008-09/0103.html
http://security.gentoo.org/glsa/glsa-200903-33.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:013
http://www.mandriva.com/security/advisories?name=MDVSA-2009:015
http://lists.mplayerhq.hu/pipermail/ffmpeg-cvslog/2008-August/016011.html
http://lists.mplayerhq.hu/pipermail/ffmpeg-cvslog/2008-August/016012.html
http://www.openwall.com/lists/oss-security/2008/10/29/6
http://secunia.com/advisories/34296
http://secunia.com/advisories/34385
http://secunia.com/advisories/34845
http://www.ubuntu.com/usn/USN-734-1
XForce ISS Database: ffmpeg-utils-multiple-bo(46322)
https://exchange.xforce.ibmcloud.com/vulnerabilities/46322
Common Vulnerability Exposure (CVE) ID: CVE-2008-4867
http://www.mandriva.com/security/advisories?name=MDVSA-2009:014
http://lists.mplayerhq.hu/pipermail/ffmpeg-cvslog/2008-August/016352.html
XForce ISS Database: ffmpeg-dca-bo(46324)
https://exchange.xforce.ibmcloud.com/vulnerabilities/46324

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.63201
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2009:015 (ffmpeg)
Resumen:	The remote host is missing an update to ffmpeg;announced via advisory MDVSA-2009:015.
Descripción:	Summary: The remote host is missing an update to ffmpeg announced via advisory MDVSA-2009:015. Vulnerability Insight: Several vulnerabilities have been discovered in ffmpeg, related to the execution of DTS generation code (CVE-2008-4866) and incorrect handling of DCA_MAX_FRAME_SIZE value (CVE-2008-4867). The updated packages have been patched to prevent this. Affected: 2008.0, 2008.1, 2009.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4866 BugTraq ID: 33308 http://www.securityfocus.com/bid/33308 Debian Security Information: DSA-1782 (Google Search) http://www.debian.org/security/2009/dsa-1782 http://archives.neohapsis.com/archives/fulldisclosure/2008-09/0103.html http://security.gentoo.org/glsa/glsa-200903-33.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:013 http://www.mandriva.com/security/advisories?name=MDVSA-2009:015 http://lists.mplayerhq.hu/pipermail/ffmpeg-cvslog/2008-August/016011.html http://lists.mplayerhq.hu/pipermail/ffmpeg-cvslog/2008-August/016012.html http://www.openwall.com/lists/oss-security/2008/10/29/6 http://secunia.com/advisories/34296 http://secunia.com/advisories/34385 http://secunia.com/advisories/34845 http://www.ubuntu.com/usn/USN-734-1 XForce ISS Database: ffmpeg-utils-multiple-bo(46322) https://exchange.xforce.ibmcloud.com/vulnerabilities/46322 Common Vulnerability Exposure (CVE) ID: CVE-2008-4867 http://www.mandriva.com/security/advisories?name=MDVSA-2009:014 http://lists.mplayerhq.hu/pipermail/ffmpeg-cvslog/2008-August/016352.html XForce ISS Database: ffmpeg-dca-bo(46324) https://exchange.xforce.ibmcloud.com/vulnerabilities/46324
Copyright	Copyright (C) 2009 E-Soft Inc.