|Category:||Debian Local Security Checks|
|Title:||Debian Security Advisory DSA 1781-1 (ffmpeg-debian)|
|Summary:||Debian Security Advisory DSA 1781-1 (ffmpeg-debian)|
|Description:||The remote host is missing an update to ffmpeg-debian|
announced via advisory DSA 1781-1.
Several vulnerabilities have been discovered in ffmpeg, a multimedia
player, server and encoder. The Common Vulnerabilities and Exposures
project identifies the following problems:
It was discovered that watching a malformed 4X movie file could lead to
the execution of arbitrary code.
It was discovered that using a crafted STR file can lead to the
execution of arbitrary code.
For the oldstable distribution (etch), these problems have been fixed
in version 0.cvs20060823-8+etch1.
For the stable distribution (lenny), these problems have been fixed in
For the testing distribution (squeeze) and the unstable distribution
(sid), these problems have been fixed in version 0.svn20080206-16.
We recommend that you upgrade your ffmpeg-debian packages.
Common Vulnerability Exposure (CVE) ID: CVE-2009-0385|
Bugtraq: 20090128 [TKADV2009-004] FFmpeg Type Conversion Vulnerability (Google Search)
Debian Security Information: DSA-1781 (Google Search)
Debian Security Information: DSA-1782 (Google Search)
BugTraq ID: 33502
XForce ISS Database: ffmpeg-fourxmreadheader-code-execution(48330)
Common Vulnerability Exposure (CVE) ID: CVE-2008-3162
BugTraq ID: 30154
|Copyright||Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com|
|This is only one of 38680 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.