 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.70932 |
| Category: | Ubuntu Local Security Checks |
| Title: | Ubuntu USN-1209-1 (libavcodec52) |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is missing an update to libavcodec52 announced via advisory USN-1209-1. Details: It was discovered that FFmpeg incorrectly handled certain malformed ogg files. If a user were tricked into opening a crafted ogg file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 10.10. (CVE-2011-1196) It was discovered that FFmpeg incorrectly handled certain malformed AMV files. If a user were tricked into opening a crafted AMV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 10.10. (CVE-2011-1931) It was discovered that FFmpeg incorrectly handled certain malformed APE files. If a user were tricked into opening a crafted APE file, an attacker could cause a denial of service via application crash. (CVE-2011-2161) Emmanouel Kellinis discovered that FFmpeg incorrectly handled certain malformed CAVS files. If a user were tricked into opening a crafted CAVS file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2011-3362) Solution: The problem can be corrected by updating your system to the following package versions: Ubuntu 10.10: libavcodec52 4:0.6-2ubuntu6.2 libavformat52 4:0.6-2ubuntu6.2 Ubuntu 10.04 LTS: libavcodec52 4:0.5.1-1ubuntu1.2 libavformat52 4:0.5.1-1ubuntu1.2 http://www.securityspace.com/smysecure/catid.html?in=USN-1209-1 CVSS Score: 7.5 CVSS Vector: AV:L/AC:L/Au:NR/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-1196 BugTraq ID: 46785 http://www.securityfocus.com/bid/46785 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14033 http://www.vupen.com/english/advisories/2011/0628 XForce ISS Database: google-ogg-dos(65960) https://exchange.xforce.ibmcloud.com/vulnerabilities/65960 Common Vulnerability Exposure (CVE) ID: CVE-2011-1931 BugTraq ID: 47602 http://www.securityfocus.com/bid/47602 Bugtraq: 20110427 NGS00068 Patch Notification: LibAVCodec AMV Out of Array Write (Google Search) http://www.securityfocus.com/archive/1/517706 http://securityreason.com/securityalert/8299 Common Vulnerability Exposure (CVE) ID: CVE-2011-2161 http://packetstorm.linuxsecurity.com/1103-exploits/vlc105-dos.txt Common Vulnerability Exposure (CVE) ID: CVE-2011-3362 http://www.ocert.org/advisories/ocert-2011-002.html http://www.openwall.com/lists/oss-security/2011/09/13/4 http://www.openwall.com/lists/oss-security/2011/09/14/8 http://secunia.com/advisories/45532 |
| Copyright | Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |