Launchpad CVE tracker

CVE 2009-0385

Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large current_track value, which triggers a NULL pointer dereference.

Related bugs and status

CVE-2009-0385 (Candidate) is related to these bugs:

Bug #323620: ffmpeg vulnerability in 4xm demuxer

Summary				In	Importance	Status
	323620	ffmpeg vulnerability in 4xm demuxer		ffmpeg (Ubuntu)	Undecided	Fix Released

Bug #731625: [CVE-2009-0385] arbitrary code excecution via NULL pointer dereference

Summary				In	Importance	Status
	731625	[CVE-2009-0385] arbitrary code excecution via NULL pointer dereference		mplayer (Ubuntu)	Undecided	Invalid
	731625	[CVE-2009-0385] arbitrary code excecution via NULL pointer dereference		mplayer (Ubuntu Hardy)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.trapkit.de/...
CONFIRM: http://git.ffmpeg.org/...
BID: 33502
SECUNIA: 33711
OSVDB: 51643
UBUNTU: USN-734-1
SECUNIA: 34296
GENTOO: GLSA-200903-33
SECUNIA: 34385
FEDORA: FEDORA-2009-3428
FEDORA: FEDORA-2009-3433
SECUNIA: 34712
DEBIAN: DSA-1781
SECUNIA: 34905
DEBIAN: DSA-1782
SECUNIA: 34845
MANDRIVA: MDVSA-2009:297
VUPEN: ADV-2009-0277
CONFIRM: http://svn.mplayerhq.h...
CONFIRM: http://svn.mplayerhq.h...
XF: ffmpeg-fourxmreadheade...
BUGTRAQ: 20090128 [TKADV2009-00...

Launchpad.net

CVE 2009-0385

Related bugs and status

Related bugs

References