openSUSE Security Update : ffmpeg (openSUSE-2016-1203)

This script is Copyright (C) 2016 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for ffmpeg fixes multiple security issues in ffmpeg

These vulnerabilities can be triggered when processing specially
crafted avi video content, and could lead to crashes or have
unspecified further impact including potential code execution.

- CVE-2016-7562: out-of-bounds array write fault via
specially crafted avi files

- CVE-2016-7502: out-of-bounds array write via incorrect
block values

- CVE-2016-7905: null-point-exception when decoding avi
files with crafted 'gab2' structs

- CVE-2016-7555: memory leak when decoding avi files with
crafted 'strh' struct

- CVE-2016-7785: assert fault via avi files with crafted
'strh' struct

See also :

Solution :

Update the affected ffmpeg packages.

Risk factor :

Medium / CVSS Base Score : 6.8

Family: SuSE Local Security Checks

Nessus Plugin ID: 94129 ()

Bugtraq ID:

CVE ID: CVE-2016-7502

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now