openSUSE Security Update : ffmpeg (openSUSE-2016-1203)
Medium Nessus Plugin ID 94129
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for ffmpeg fixes multiple security issues in ffmpeg (boo#1003806)
These vulnerabilities can be triggered when processing specially crafted avi video content, and could lead to crashes or have unspecified further impact including potential code execution.
- CVE-2016-7562: out-of-bounds array write fault via specially crafted avi files
- CVE-2016-7502: out-of-bounds array write via incorrect block values
- CVE-2016-7905: null-point-exception when decoding avi files with crafted 'gab2' structs
- CVE-2016-7555: memory leak when decoding avi files with crafted 'strh' struct
- CVE-2016-7785: assert fault via avi files with crafted 'strh' struct
SolutionUpdate the affected ffmpeg packages.