Launchpad.net

CVE 2008-3162

Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted STR file that interleaves audio and video sectors.

Related bugs and status

CVE-2008-3162 (Candidate) is related to these bugs:

Bug #248674: CVE-2008-3162 Stack-based buffer overflow

		In	Importance	Status
248674	CVE-2008-3162 Stack-based buffer overflow	ffmpeg (Ubuntu)	Medium	Fix Released
248674	CVE-2008-3162 Stack-based buffer overflow	ffmpeg (Ubuntu Dapper)	Medium	Fix Released
248674	CVE-2008-3162 Stack-based buffer overflow	ffmpeg (Ubuntu Feisty)	Medium	Fix Released
248674	CVE-2008-3162 Stack-based buffer overflow	ffmpeg-debian (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://roundup.mplaye...
SECUNIA: 30994
MLIST: [oss-security] 2008071...
MLIST: [oss-security] 2008071...
CONFIRM: http://bugs.debian.org...
MANDRIVA: MDVSA-2008:157
UBUNTU: USN-630-1
BID: 30154
SECUNIA: 31268
GENTOO: GLSA-200903-33
SECUNIA: 34385
DEBIAN: DSA-1781
SECUNIA: 34905
VUPEN: ADV-2008-2031
CONFIRM: http://svn.mplayerhq.h...