oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE id request: libavformat

From: Steffen Joeris <steffen.joeris () skolelinux de>
Date: Thu, 10 Jul 2008 00:50:44 +1000
Hi

There is a possible DoS in libavformat.

mplayer bugreport:
https://roundup.mplayerhq.hu/roundup/ffmpeg/issue311

The quote from the bugreport:
This has audio sectors mixed in with video sectors, so the check at 
psxstr.c:319 copies them onto the end of the video packet, going past 
the end of the buffer.

Upstream patch:
http://svn.mplayerhq.hu/ffmpeg/trunk/libavformat/psxstr.c?r1=13993&r2=13992&pathrev=13993

Debian bugreport:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489965

Could I get a CVE id for this?

Cheers
Steffen

Attachment: signature.asc
Description: This is a digitally signed message part.

Previous By Date Next
Previous By Thread Next

Current thread: