SecuritySpace - CVE-2009-4633

Price/Feature Summary | Order | New Vulnerabilities | Confidentiality | Vulnerability Search

Vulnerability Search		Search 61204 CVE descriptions and 32582 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2009-4633

Description: vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2009-4633
http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html
https://roundup.ffmpeg.org/roundup/ffmpeg/issue1240
Debian Security Information: DSA-2000 (Google Search)
http://www.debian.org/security/2010/dsa-2000
http://www.mandriva.com/security/advisories?name=MDVSA-2011:060
http://www.mandriva.com/security/advisories?name=MDVSA-2011:061
http://www.mandriva.com/security/advisories?name=MDVSA-2011:088
http://www.mandriva.com/security/advisories?name=MDVSA-2011:112
http://www.mandriva.com/security/advisories?name=MDVSA-2011:114
http://www.ubuntu.com/usn/USN-931-1
BugTraq ID: 36465
http://www.securityfocus.com/bid/36465
http://secunia.com/advisories/36805
http://secunia.com/advisories/38643
http://secunia.com/advisories/39482
http://www.vupen.com/english/advisories/2010/0935
http://www.vupen.com/english/advisories/2011/1241

New User Registration
Email:

UserID:

Passwd:

Please email me your monthly newsletters, informing the latest services, improvements & surveys.

Please email me a vulnerability test announcement whenever a new test is added.

Privacy

Registered User Login

UserID:

Passwd:

Forgot userid or passwd?

Email/Userid:

CVE ID:	CVE-2009-4633
Description:	vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4633 http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html https://roundup.ffmpeg.org/roundup/ffmpeg/issue1240 Debian Security Information: DSA-2000 (Google Search) http://www.debian.org/security/2010/dsa-2000 http://www.mandriva.com/security/advisories?name=MDVSA-2011:060 http://www.mandriva.com/security/advisories?name=MDVSA-2011:061 http://www.mandriva.com/security/advisories?name=MDVSA-2011:088 http://www.mandriva.com/security/advisories?name=MDVSA-2011:112 http://www.mandriva.com/security/advisories?name=MDVSA-2011:114 http://www.ubuntu.com/usn/USN-931-1 BugTraq ID: 36465 http://www.securityfocus.com/bid/36465 http://secunia.com/advisories/36805 http://secunia.com/advisories/38643 http://secunia.com/advisories/39482 http://www.vupen.com/english/advisories/2010/0935 http://www.vupen.com/english/advisories/2011/1241