Vigil@nce - FFmpeg: several vulnerabilities
February 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can create a malicious video, and invite the victim to
display it with an application linked to FFmpeg, in order to stop
it or to execute code on his computer.
Impacted products: Unix (platform)
Severity: 2/4
Creation date: 07/02/2013
DESCRIPTION OF THE VULNERABILITY
The FFmpeg suite contains several libraries to process multimedia
data.
Several vulnerabilities impact FFmpeg.
An attacker can therefore create a malicious video, and invite the
victim to display it with an application linked to FFmpeg, in
order to stop it or to execute code on his computer.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/FFmpeg-several-vulnerabilities-12387