|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200609-09] FFmpeg: Buffer overflows Vulnerability Scan
Vulnerability Scan Summary FFmpeg: Buffer overflows
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200609-09
(FFmpeg: Buffer overflows)
FFmpeg contains buffer overflows in the AVI processing code.
Impact
A possible hacker could trigger the buffer overflows by enticing a user to
load a specially crafted AVI file in an application using the FFmpeg
library. This might result in the execution of arbitrary code in the
context of the running application.
Workaround
There is no known workaround at this time.
Solution:
All FFmpeg users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-video/ffmpeg-0.4.9_p20060530"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|