CVE-2009-0385

Published: 2 February 2009

Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large current_track value, which triggers a NULL pointer dereference.

Notes

Author	Note
mdeslaur	kino is built with --disable-local-ffmpeg, so it's not vulnerable

Priority

Status

Package	Release	Status
ffmpeg Launchpad, Ubuntu, Debian	dapper	Ignored (reached end-of-life)
	gutsy	Released (3:0.cvs20070307-5ubuntu4.2)
	hardy	Released (3:0.cvs20070307-5ubuntu7.2)
	intrepid	Needed (reached end-of-life)
	jaunty	Not vulnerable (3:0.svn20090303-1ubuntu1+unstripped1)
	karmic	Not vulnerable (3:0.svn20090303-1ubuntu1+unstripped1)
	lucid	Not vulnerable (3:0.svn20090303-1ubuntu1+unstripped1)
	maverick	Not vulnerable (3:0.svn20090303-1ubuntu1+unstripped1)
	natty	Does not exist
	upstream	Needs triage
	Patches: upstream: http://git.ffmpeg.org/?p=ffmpeg;a=commitdiff;h=72e715fb798f2cb79fd24a6d2eaeafb7c6eeda17
ffmpeg-debian Launchpad, Ubuntu, Debian	dapper	Does not exist
	gutsy	Does not exist
	hardy	Does not exist
	intrepid	Released (3:0.svn20080206-12ubuntu3.1)
	jaunty	Not vulnerable (3:0.svn20090303-1ubuntu1)
	karmic	Does not exist
	lucid	Does not exist
	maverick	Does not exist
	natty	Does not exist
	upstream	Needs triage
	Patches: upstream: http://git.ffmpeg.org/?p=ffmpeg;a=commitdiff;h=72e715fb798f2cb79fd24a6d2eaeafb7c6eeda17
gstreamer0.10-ffmpeg Launchpad, Ubuntu, Debian	dapper	Ignored (reached end-of-life)
	gutsy	Needs triage (reached end-of-life)
	hardy	Not vulnerable (uses system ffmpeg)
	intrepid	Needs triage (reached end-of-life)
	jaunty	Ignored (reached end-of-life)
	karmic	Ignored (reached end-of-life)
	lucid	Not vulnerable (uses system ffmpeg)
	maverick	Not vulnerable (uses system ffmpeg)
	natty	Not vulnerable (uses system ffmpeg)
	upstream	Needs triage
kino Launchpad, Ubuntu, Debian	dapper	Not vulnerable (code not present)
	gutsy	Not vulnerable (uses system ffmpeg)
	hardy	Not vulnerable (uses system ffmpeg)
	intrepid	Not vulnerable (uses system ffmpeg)
	jaunty	Not vulnerable (uses system ffmpeg)
	karmic	Not vulnerable (uses system ffmpeg)
	lucid	Not vulnerable (uses system ffmpeg)
	maverick	Not vulnerable (uses system ffmpeg)
	natty	Not vulnerable (uses system ffmpeg)
	upstream	Needs triage
motion Launchpad, Ubuntu, Debian	dapper	Ignored (reached end-of-life)
	gutsy	Needs triage (reached end-of-life)
	hardy	Not vulnerable (uses system ffmpeg)
	intrepid	Needs triage (reached end-of-life)
	jaunty	Ignored (reached end-of-life)
	karmic	Ignored (reached end-of-life)
	lucid	Not vulnerable (uses system ffmpeg)
	maverick	Not vulnerable (uses system ffmpeg)
	natty	Not vulnerable (uses system ffmpeg)
	upstream	Needs triage
mplayer Launchpad, Ubuntu, Debian	dapper	Ignored (reached end-of-life)
	gutsy	Needed (reached end-of-life)
	hardy	Released (2:1.0~rc2-0ubuntu13.2)
	intrepid	Needed (reached end-of-life)
	jaunty	Ignored (reached end-of-life)
	karmic	Not vulnerable
	lucid	Not vulnerable
	maverick	Not vulnerable
	natty	Not vulnerable
	upstream	Needs triage
	Patches: upstream: http://svn.mplayerhq.hu/ffmpeg/trunk/libavformat/4xm.c?r1=16838&r2=16846&pathrev=16846
smilutils Launchpad, Ubuntu, Debian	dapper	Ignored (reached end-of-life)
	gutsy	Needs triage (reached end-of-life)
	hardy	Not vulnerable (uses system ffmpeg)
	intrepid	Not vulnerable (uses system ffmpeg) (reached end-of-life)
	jaunty	Ignored (reached end-of-life)
	karmic	Ignored (reached end-of-life)
	lucid	Not vulnerable (uses system ffmpeg)
	maverick	Not vulnerable (uses system ffmpeg)
	natty	Not vulnerable (uses system ffmpeg)
	upstream	Needs triage

References

Bugs

https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/323620

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Security