Your submission was sent successfully! Close

USN-309-1: libmms vulnerability

6 July 2006

libmms vulnerability



Several buffer overflows were found in libmms. By tricking a user into
opening a specially crafted remote multimedia stream with an
application using libmms, a remote attacker could overwrite an
arbitrary memory portion with zeros, thereby crashing the program.

In Ubuntu 5.10, this affects the GStreamer MMS plugin
(gstreamer0.8-mms). Other Ubuntu releases do not support this library.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.10
  • libmms0 - 0.1-0ubuntu1.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.