CVE Reference: CVE-2010-4704

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2010-4704

Description:
libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted .ogg file, related to the vorbis_floor0_decode function. NOTE: this might overlap CVE-2011-0480.

CVE Status:
Candidate

References:

UBUNTU
  http://www.ubuntu.com/usn/usn-1104-1/

SAID
  Secunia Advisory: SA43323

MANDRIVA
  http://www.mandriva.com/security/advisories?name=MDVSA-2011:062
  http://www.mandriva.com/security/advisories?name=MDVSA-2011:089
  http://www.mandriva.com/security/advisories?name=MDVSA-2011:088
  http://www.mandriva.com/security/advisories?name=MDVSA-2011:061
  http://www.mandriva.com/security/advisories?name=MDVSA-2011:060
  http://www.mandriva.com/security/advisories?name=MDVSA-2011:112
  http://www.mandriva.com/security/advisories?name=MDVSA-2011:114

DEBIAN
  http://www.debian.org/security/2011/dsa-2306
  http://www.debian.org/security/2011/dsa-2165

CONFIRM
  http://ffmpeg.mplayerhq.hu/
  http://git.ffmpeg.org/?p=ffmpeg.git;a=commit;h=3dde66752d59dfdd0f3727efd66e7202b3c75078

BID
  46294


Return to the previous page.