Ubuntu 10.04 LTS : ffmpeg vulnerabilities (USN-1479-1)

medium Nessus Plugin ID 59566

Synopsis

The remote Ubuntu host is missing one or more security-related patches.

Description

Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly handled certain malformed DV files. If a user were tricked into opening a crafted DV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2011-3929, CVE-2011-3936)

Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly handled certain malformed NSV files. If a user were tricked into opening a crafted NSV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.
(CVE-2011-3940)

Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly handled certain malformed MJPEG-B files. If a user were tricked into opening a crafted MJPEG-B file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.
(CVE-2011-3947)

Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly handled certain malformed DPCM files. If a user were tricked into opening a crafted DPCM file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.
(CVE-2011-3951)

Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly handled certain malformed KMVC files. If a user were tricked into opening a crafted KMVC file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.
(CVE-2011-3952)

It was discovered that FFmpeg incorrectly handled certain malformed H.264 files. If a user were tricked into opening a crafted H.264 file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2012-0851)

It was discovered that FFmpeg incorrectly handled certain malformed ADPCM files. If a user were tricked into opening a crafted ADPCM file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2012-0852)

It was discovered that FFmpeg incorrectly handled certain malformed Atrac 3 files. If a user were tricked into opening a crafted Atrac 3 file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2012-0853)

It was discovered that FFmpeg incorrectly handled certain malformed Shorten files. If a user were tricked into opening a crafted Shorten file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2012-0858)

It was discovered that FFmpeg incorrectly handled certain malformed Vorbis files. If a user were tricked into opening a crafted Vorbis file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2012-0859)

Fabian Yamaguchi discovered that FFmpeg incorrectly handled certain malformed VQA files. If a user were tricked into opening a crafted VQA file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2012-0947).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected libavcodec52 and / or libavformat52 packages.

See Also

https://usn.ubuntu.com/1479-1/

Plugin Details

Severity: Medium

ID: 59566

File Name: ubuntu_USN-1479-1.nasl

Version: 1.10

Type: local

Agent: unix

Published: 6/19/2012

Updated: 9/19/2019

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:canonical:ubuntu_linux:libavcodec52, p-cpe:/a:canonical:ubuntu_linux:libavformat52, cpe:/o:canonical:ubuntu_linux:10.04:-:lts

Required KB Items: Host/cpu, Host/Ubuntu, Host/Ubuntu/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 6/18/2012

Vulnerability Publication Date: 8/20/2012

Reference Information

CVE: CVE-2011-3929, CVE-2011-3936, CVE-2011-3940, CVE-2011-3947, CVE-2011-3951, CVE-2011-3952, CVE-2012-0851, CVE-2012-0852, CVE-2012-0853, CVE-2012-0858, CVE-2012-0859, CVE-2012-0947

BID: 51307, 51720, 53389

USN: 1479-1