CVE-2009-0385

Published: 2 February 2009

Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large current_track value, which triggers a NULL pointer dereference.

Notes

Author	Note
mdeslaur	kino is built with --disable-local-ffmpeg, so it's not vulnerable

Priority

Status

Package	Release	Status
ffmpeg Launchpad, Ubuntu, Debian	dapper	Ignored (end of life)
	gutsy	Released (3:0.cvs20070307-5ubuntu4.2)
	hardy	Released (3:0.cvs20070307-5ubuntu7.2)
	intrepid	Ignored (end of life, was needed)
	jaunty	Not vulnerable (3:0.svn20090303-1ubuntu1+unstripped1)
	karmic	Not vulnerable (3:0.svn20090303-1ubuntu1+unstripped1)
	lucid	Not vulnerable (3:0.svn20090303-1ubuntu1+unstripped1)
	maverick	Not vulnerable (3:0.svn20090303-1ubuntu1+unstripped1)
	natty	Does not exist
	upstream	Needs triage
	Patches: upstream: http://git.ffmpeg.org/?p=ffmpeg;a=commitdiff;h=72e715fb798f2cb79fd24a6d2eaeafb7c6eeda17
ffmpeg-debian Launchpad, Ubuntu, Debian	dapper	Does not exist
	gutsy	Does not exist
	hardy	Does not exist
	intrepid	Released (3:0.svn20080206-12ubuntu3.1)
	jaunty	Not vulnerable (3:0.svn20090303-1ubuntu1)
	karmic	Does not exist
	lucid	Does not exist
	maverick	Does not exist
	natty	Does not exist
	upstream	Needs triage
	Patches: upstream: http://git.ffmpeg.org/?p=ffmpeg;a=commitdiff;h=72e715fb798f2cb79fd24a6d2eaeafb7c6eeda17
gstreamer0.10-ffmpeg Launchpad, Ubuntu, Debian	dapper	Ignored (end of life)
	gutsy	Ignored (end of life, was needs-triage)
	hardy	Not vulnerable (uses system ffmpeg)
	intrepid	Ignored (end of life, was needs-triage)
	jaunty	Ignored (end of life)
	karmic	Ignored (end of life)
	lucid	Not vulnerable (uses system ffmpeg)
	maverick	Not vulnerable (uses system ffmpeg)
	natty	Not vulnerable (uses system ffmpeg)
	upstream	Needs triage
kino Launchpad, Ubuntu, Debian	dapper	Not vulnerable (code not present)
	gutsy	Not vulnerable (uses system ffmpeg)
	hardy	Not vulnerable (uses system ffmpeg)
	intrepid	Not vulnerable (uses system ffmpeg)
	jaunty	Not vulnerable (uses system ffmpeg)
	karmic	Not vulnerable (uses system ffmpeg)
	lucid	Not vulnerable (uses system ffmpeg)
	maverick	Not vulnerable (uses system ffmpeg)
	natty	Not vulnerable (uses system ffmpeg)
	upstream	Needs triage
motion Launchpad, Ubuntu, Debian	dapper	Ignored (end of life)
	gutsy	Ignored (end of life, was needs-triage)
	hardy	Not vulnerable (uses system ffmpeg)
	intrepid	Ignored (end of life, was needs-triage)
	jaunty	Ignored (end of life)
	karmic	Ignored (end of life)
	lucid	Not vulnerable (uses system ffmpeg)
	maverick	Not vulnerable (uses system ffmpeg)
	natty	Not vulnerable (uses system ffmpeg)
	upstream	Needs triage
mplayer Launchpad, Ubuntu, Debian	dapper	Ignored (end of life)
	gutsy	Ignored (end of life, was needed)
	hardy	Released (2:1.0~rc2-0ubuntu13.2)
	intrepid	Ignored (end of life, was needed)
	jaunty	Ignored (end of life)
	karmic	Not vulnerable
	lucid	Not vulnerable
	maverick	Not vulnerable
	natty	Not vulnerable
	upstream	Needs triage
	Patches: upstream: http://svn.mplayerhq.hu/ffmpeg/trunk/libavformat/4xm.c?r1=16838&r2=16846&pathrev=16846
smilutils Launchpad, Ubuntu, Debian	dapper	Ignored (end of life)
	gutsy	Ignored (end of life, was needs-triage)
	hardy	Not vulnerable (uses system ffmpeg)
	intrepid	Not vulnerable (uses system ffmpeg) (end of life)
	jaunty	Ignored (end of life)
	karmic	Ignored (end of life)
	lucid	Not vulnerable (uses system ffmpeg)
	maverick	Not vulnerable (uses system ffmpeg)
	natty	Not vulnerable (uses system ffmpeg)
	upstream	Needs triage

References

Bugs

https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/323620

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›