Users of FFmpeg/libavcodec please be advised of an arbitrary offset dereference vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
oCERT-2010-004: oCERT-2010-004 - FFmpeg/libavcodec arbitrary offset dereference
Description:
The libavcodec library, an open source video encoding/decoding library part of
the FFmpeg project, suffers from an arbitrary offset dereference vulnerability.
The vulnerability affects the flic file format parser, insufficient
restrictions on a writable buffer can be exploited to execute arbitrary code
via the heap memory. A specific flic file can be crafted to trigger the
vulnerability.
Read more at www.criticalwatch.com
See this Amp at http://bit.ly/cj1Wr7
No comments:
Post a Comment