CVE-2009-4634

Priority
Medium
Description
Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a
denial of service and possibly execute arbitrary code via a crafted file
that (1) bypasses a validation check in vorbis_dec.c and triggers a
wraparound of the stack pointer, or (2) access a pointer from out-of-bounds
memory in mov.c, related to an elst tag that appears before a tag that
creates a stream.
References
Bugs
Notes
 mdeslaur> This is issues #9 and #3
Package
Upstream:needed
Package
Upstream:needed
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:37:25 UTC (commit 9756)