Orange Applications for Business
Vigil@nce Vigil@nce Vigil@nce
analyzing computer vulnerabilities since 1999
  home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access
The Vigil@nce team watches vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
recent vulnerabilities recent vulnerabilities
tracked products tracked products
RSS feed RSS feed
vulnerability

vulnerability announce CVE-2013-0844 CVE-2013-0845 CVE-2013-0846

FFmpeg: several vulnerabilities

Synthesis of the vulnerability

An attacker can create a malicious video, and invite the victim to display it with an application linked to FFmpeg, in order to stop it or to execute code on his computer.
Impacted products: Debian, MBS, Ubuntu, Unix (platform).
Severity: 2/4.
Creation date: 07/02/2013.
Identifiers: BID-57868, BID-62397, CVE-2013-0844, CVE-2013-0845, CVE-2013-0846, CVE-2013-0847, CVE-2013-0848, CVE-2013-0849, CVE-2013-0850, CVE-2013-0851, CVE-2013-0852, CVE-2013-0853, CVE-2013-0854, CVE-2013-0855, CVE-2013-0856, CVE-2013-0857, CVE-2013-0858, CVE-2013-0859, CVE-2013-0860, CVE-2013-0861, CVE-2013-0862, CVE-2013-0863, CVE-2013-0864, CVE-2013-0865, CVE-2013-0866, CVE-2013-0867, CVE-2013-0868, CVE-2013-0869, DSA-2793-1, DSA-2855-1, DSA-3003-1, MDVSA-2014:227, USN-2309-1, VIGILANCE-VUL-12387.

Description of the vulnerability

The FFmpeg suite contains several libraries to process multimedia data.

However, several vulnerabilities impact FFmpeg.

An attacker can therefore create a malicious video, and invite the victim to display it with an application linked to FFmpeg, in order to stop it or to execute code on his computer.
Complete Vigil@nce bulletin.... (free access)

Share this bulletin

Delicious Digg Facebook Google bookmarks LinkedIn Mail Reddit StumbleUpon Technorati Twitter 

Computer vulnerabilities tracking service

Vigil@nce provides application vulnerability analysis. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications.



















Copyright 1999-2014 Vigil@nce. Vigil@nce is a service from Orange Applications for Business. Site map. Legal notice. Version française