1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
PublicDateAtUSN: 2011-02-16
Candidate: CVE-2010-3908
PublicDate: 2011-05-20
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3908
http://www.ubuntu.com/usn/usn-1104-1
Description:
FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote
attackers to cause a denial of service (memory corruption and application
crash) or possibly execute arbitrary code via a malformed WMV file.
Ubuntu-Description:
Notes:
Bugs:
https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/690169
Priority: medium
Discovered-by: Dan Rosenberg
Assigned-to:
Patches_ffmpeg:
upstream: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=48b086b0efa40799ace96bcec010b6b72a9490d6 (0.5.x)
upstream: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=445f0a8b666a34e6402f6ae96c6804c8bc024baa (trunk, 0.6.x)
upstream_ffmpeg: needed
dapper_ffmpeg: ignored (reached end-of-life)
hardy_ffmpeg: released (3:0.cvs20070307-5ubuntu7.6)
karmic_ffmpeg: released (4:0.5+svn20090706-2ubuntu2.3)
lucid_ffmpeg: released (4:0.5.1-1ubuntu1.1)
maverick_ffmpeg: not-affected (4:0.6-2ubuntu6)
devel_ffmpeg: DNE
|