Launchpad.net

CVE 2009-4633

vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow.

Related bugs and status

CVE-2009-4633 (Candidate) is related to these bugs:

Bug #537297: security backports

		In	Importance	Status
537297	security backports	ffmpeg (Ubuntu)	Medium	Fix Released
537297	security backports	ffmpeg (Debian)	Unknown	Fix Released
537297	security backports	ffmpeg (Ubuntu Intrepid)	Undecided	Invalid
537297	security backports	ffmpeg (Ubuntu Jaunty)	Undecided	Won't Fix
537297	security backports	ffmpeg (Ubuntu Lucid)	Medium	Fix Released
537297	security backports	ffmpeg (Ubuntu Karmic)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

References

MISC: http://scarybeastsecur...
MISC: https://roundup.ffmpeg...
DEBIAN: DSA-2000
BID: 36465
SECUNIA: 36805
SECUNIA: 38643
UBUNTU: USN-931-1
SECUNIA: 39482
VUPEN: ADV-2010-0935
MANDRIVA: MDVSA-2011:060
MANDRIVA: MDVSA-2011:061
MANDRIVA: MDVSA-2011:088
VUPEN: ADV-2011-1241
MANDRIVA: MDVSA-2011:112
MANDRIVA: MDVSA-2011:114