Some vulnerabilities have been reported in Xvid, which can be exploited by malicious people to potentially compromise an application using the library.

1) Multiple boundary errors exist within the "decoder_iframe()", "decoder_pframe()", and "decoder_bframe()" functions in src/decoder.c. These can be exploited to potentially corrupt memory via specially crafted video files.

2) An error exists within the "decoder_create()" function in src/decoder.c when interpreting errors returned by "decoder_resize()". This can be exploited to cause a heap-based buffer overflow via a specially crafted video file.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code.

The vulnerabilities are reported in versions prior to 1.2.2.

Solution
Update to version 1.2.2.

Provided and/or discovered by
1) John McDonald and Christopher Valasek of IBM X-Force
2) John McDonald and Mark Dowd of IBM X-Force

Changelog
Further details available in Customer Area

Original Advisory
Xvid:
http://www.xvid.org/News.64.0.html?&cHash=0170b4e439&tx_ttnews[backPid]=64&tx_ttnews[tt_news]=7
http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/decoder.c?r1=1.80&r2=1.81

IBM X-Force:
http://www.iss.net/threats/325.html
http://www.iss.net/threats/326.html

Deep Links
Links available in Customer Area