CVE-2008-4201
Published: 24 September 2008
Heap-based buffer overflow in the decodeMP4file function (frontend/main.c) in FAAD2 2.6.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MPEG-4 (MP4) file.
Priority
Status
Package | Release | Status |
---|---|---|
faad2 Launchpad, Ubuntu, Debian |
dapper |
Released
(2.0.0+cvs20040908+mp4v2+bmp-0ubuntu3.6.06.1)
|
feisty |
Released
(2.0.0+cvs20040908+mp4v2+bmp-0ubuntu3.7.04.1)
|
|
gutsy |
Released
(2.0.0+cvs20040908+mp4v2+bmp-0ubuntu5.1)
|
|
hardy |
Released
(2.6.1-2ubuntu0.1)
|
|
upstream |
Released
(2.6.1)
|
|
Patches: upstream: http://www.audiocoding.com/patch/main_overflow.diff |