PublicDateAtUSN: 2010-02-09
Candidate: CVE-2009-4639
PublicDate: 2010-02-10 02:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4639
 https://ubuntu.com/security/notices/USN-931-1
Description:
 The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote
 attackers to cause a denial of service (crash) via a crafted AVI file that
 triggers a divide-by-zero error.
Ubuntu-Description:
Notes:
 mdeslaur> not sure which specific issue this refers to
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550442
Priority: low
Discovered-by: Will Dormann
Assigned-to:
CVSS: 

Patches_ffmpeg-debian:
upstream_ffmpeg-debian: needed
dapper_ffmpeg-debian: DNE
hardy_ffmpeg-debian: DNE
intrepid_ffmpeg-debian: released (3:0.svn20080206-12ubuntu3.2)
jaunty_ffmpeg-debian: released (3:0.svn20090303-1ubuntu6.1)
karmic_ffmpeg-debian: DNE
lucid_ffmpeg-debian: DNE
maverick_ffmpeg-debian: DNE
devel_ffmpeg-debian: DNE

Patches_ffmpeg:
upstream_ffmpeg: needed
dapper_ffmpeg: ignored (reached end-of-life)
hardy_ffmpeg: released (3:0.cvs20070307-5ubuntu7.4)
intrepid_ffmpeg: needed (reached end-of-life)
jaunty_ffmpeg: ignored (reached end-of-life)
karmic_ffmpeg: released (4:0.5+svn20090706-2ubuntu2.1)
lucid_ffmpeg: not-affected (4:0.5.1-1ubuntu1)
maverick_ffmpeg: not-affected (4:0.5.1-1ubuntu1)
devel_ffmpeg: not-affected (4:0.5.1-1ubuntu1)