[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] Re: CVE request: Mplayer/Mencoder read out-of-bounds parsing a mp3 file
From: cve-assign () mitre ! org
Date: 2016-05-29 17:45:22
Message-ID: 20160529174522.13B2B33202D () smtpvbsrv1 ! mitre ! org
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
> A read out-of-bounds parsing a mp3 file was found in the last revision
> of mplayer. Technical details and a reproducer are available here:
>
> https://trac.mplayerhq.hu/ticket/2298
>> Component: libavcodec
>> libavformat version 57.34.103 (internal)
>>
>> AddressSanitizer: heap-buffer-overflow
>> READ of size 4
>>
>> in avcodec_decode_audio4
Use CVE-2016-5115 for this libavcodec issue. We did not check whether
this affects any versions of FFmpeg. libavformat version 57.34.103 is
more recent than in FFmpeg 3.0.2, for example.
- --
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJXSyoVAAoJEHb/MwWLVhi2sOkP/3FeYYp5pcAVPHm4Lx3qM9Rr
LZYC8ph+Cn8HSTxMhOO+jtTe7DdlXkMvHWMRDGAreaw/RKTT4OjY+iF3u2zdpd6n
Txw31NSKyToof4jVWTojxibkjUa3mAXdNYo9hIW9DL5YBtIz0mYLxoRu5gnNg+V4
pMN/aSKVfiB9W4W36tpo6al8fyEOHakYgqetbkOpV9O40j1nfO9qywGrLA+tWg6Z
b+aLByyLRTYbCoTuuEKYhP/wE78KnVLZRxzoMPSGL0rCFDeQYYBR9ha5bW3n3Dzo
zPag7BqUafbIDOfnhPmbh+FkGqySuHTJxqfZycPH4RymDMzLW0Wb5wtuI+xc13Nx
c7SpdLhX1fQcXBwPUmv0qdhbDMPpGgoovRPvKxCDH2sXR7+ZCtP7QUv2wO7gqe3w
mMqJsORLguf81m4r95QC/Nm0np6GVwDEkNCaQkJft8p3CbACib2NoY3i2OSBEqKB
RO5n4Wq6TIeMpoNTQhTxN2Zhni/ZQ+88Uo2qQP5YPH2griPAUADXopypv7hhCSsx
UZpiLvdRJrMevXMU1D8llqvTfOtYzVoJ7IWlDbg+vtJhQEwyMhT0HYjamkLVusm9
TnfIshGwWKq3jtre3xqDez24S/N9zvTA9FaFQtJb+we95n5cSrZJb17RhOii52M+
tZGsRx2O5Wsp/74wvnli
=nzCw
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic