FreeBSD : ffmpeg -- 4xm processing memory corruption vulnerability (6733e1bf-125f-11de-a964-0030843d3802)
High Nessus Plugin ID 35938
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionSecunia reports :
Tobias Klein has reported a vulnerability in FFmpeg, which potentially can be exploited by malicious people to compromise an application using the library.
The vulnerability is caused due to a signedness error within the 'fourxm_read_header()' function in libavformat/4xm.c. This can be exploited to corrupt arbitrary memory via a specially crafted 4xm file.
SolutionUpdate the affected package.