CVE-2008-3162 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-3162
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-3162

Description: Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted STR file that interleaves audio and video sectors.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-630-1 SAID Secunia Advisory: SA31268 Secunia Advisory: SA34905 Secunia Advisory: SA30994 Secunia Advisory: SA34385 MLIST http://www.openwall.com/lists/oss-security/2008/07/16/4 http://www.openwall.com/lists/oss-security/2008/07/09/9 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:157 GENTOO http://security.gentoo.org/glsa/glsa-200903-33.xml DEBIAN http://www.debian.org/security/2009/dsa-1781 CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489965 http://svn.mplayerhq.hu/ffmpeg?view=rev&revision=13993 BID 30154

Return to the previous page.