vulnerability announce CVE-2013-0844 CVE-2013-0845 CVE-2013-0846
FFmpeg: several vulnerabilities
Synthesis of the vulnerability
An attacker can create a malicious video, and invite the victim to display it with an application linked to FFmpeg, in order to stop it or to execute code on his computer.Impacted products: Debian
, Unix (platform)
BID-57868, BID-62397, CVE-2013-0844, CVE-2013-0845, CVE-2013-0846, CVE-2013-0847, CVE-2013-0848, CVE-2013-0849, CVE-2013-0850, CVE-2013-0851, CVE-2013-0852, CVE-2013-0853, CVE-2013-0854, CVE-2013-0855, CVE-2013-0856, CVE-2013-0857, CVE-2013-0858, CVE-2013-0859, CVE-2013-0860, CVE-2013-0861, CVE-2013-0862, CVE-2013-0863, CVE-2013-0864, CVE-2013-0865, CVE-2013-0866, CVE-2013-0867, CVE-2013-0868, CVE-2013-0869, DSA-2793-1, DSA-2855-1, DSA-3003-1, MDVSA-2014:227, USN-2309-1, VIGILANCE-VUL-12387.
Description of the vulnerability
The FFmpeg suite contains several libraries to process multimedia data.
However, several vulnerabilities impact FFmpeg.
An attacker can therefore create a malicious video, and invite the victim to display it with an application linked to FFmpeg, in order to stop it or to execute code on his computer.Complete Vigil@nce bulletin....
Share this bulletin
Computer vulnerabilities tracking service
Vigil@nce provides application vulnerability analysis
. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications.