Ubuntu 10.04 LTS : ffmpeg vulnerabilities (USN-1479-1)

Ubuntu Security Notice (C) 2012-2016 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing one or more security-related
patches.

Description :

Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg
incorrectly handled certain malformed DV files. If a user were tricked
into opening a crafted DV file, an attacker could cause a denial of
service via application crash, or possibly execute arbitrary code with
the privileges of the user invoking the program. (CVE-2011-3929,
CVE-2011-3936)

Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg
incorrectly handled certain malformed NSV files. If a user were
tricked into opening a crafted NSV file, an attacker could cause a
denial of service via application crash, or possibly execute arbitrary
code with the privileges of the user invoking the program.
(CVE-2011-3940)

Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg
incorrectly handled certain malformed MJPEG-B files. If a user were
tricked into opening a crafted MJPEG-B file, an attacker could cause a
denial of service via application crash, or possibly execute arbitrary
code with the privileges of the user invoking the program.
(CVE-2011-3947)

Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg
incorrectly handled certain malformed DPCM files. If a user were
tricked into opening a crafted DPCM file, an attacker could cause a
denial of service via application crash, or possibly execute arbitrary
code with the privileges of the user invoking the program.
(CVE-2011-3951)

Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg
incorrectly handled certain malformed KMVC files. If a user were
tricked into opening a crafted KMVC file, an attacker could cause a
denial of service via application crash, or possibly execute arbitrary
code with the privileges of the user invoking the program.
(CVE-2011-3952)

It was discovered that FFmpeg incorrectly handled certain malformed
H.264 files. If a user were tricked into opening a crafted H.264 file,
an attacker could cause a denial of service via application crash, or
possibly execute arbitrary code with the privileges of the user
invoking the program. (CVE-2012-0851)

It was discovered that FFmpeg incorrectly handled certain malformed
ADPCM files. If a user were tricked into opening a crafted ADPCM file,
an attacker could cause a denial of service via application crash, or
possibly execute arbitrary code with the privileges of the user
invoking the program. (CVE-2012-0852)

It was discovered that FFmpeg incorrectly handled certain malformed
Atrac 3 files. If a user were tricked into opening a crafted Atrac 3
file, an attacker could cause a denial of service via application
crash, or possibly execute arbitrary code with the privileges of the
user invoking the program. (CVE-2012-0853)

It was discovered that FFmpeg incorrectly handled certain malformed
Shorten files. If a user were tricked into opening a crafted Shorten
file, an attacker could cause a denial of service via application
crash, or possibly execute arbitrary code with the privileges of the
user invoking the program. (CVE-2012-0858)

It was discovered that FFmpeg incorrectly handled certain malformed
Vorbis files. If a user were tricked into opening a crafted Vorbis
file, an attacker could cause a denial of service via application
crash, or possibly execute arbitrary code with the privileges of the
user invoking the program. (CVE-2012-0859)

Fabian Yamaguchi discovered that FFmpeg incorrectly handled certain
malformed VQA files. If a user were tricked into opening a crafted VQA
file, an attacker could cause a denial of service via application
crash, or possibly execute arbitrary code with the privileges of the
user invoking the program. (CVE-2012-0947)

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Solution :

Update the affected libavcodec52 and / or libavformat52 packages.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.9
(CVSS2#E:ND/RL:OF/RC:ND)
Public Exploit Available : true
