Launchpad.net

CVE 2009-4635

FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause (1) mov.c and (2) utils.c to use inconsistent codec types and identifiers, leading to processing of a video-structure pointer by the mp3 decoder, and a stack-based buffer overflow.

Related bugs and status

CVE-2009-4635 (Candidate) is related to these bugs:

Bug #537297: security backports

		In	Importance	Status
537297	security backports	ffmpeg (Ubuntu)	Medium	Fix Released
537297	security backports	ffmpeg (Debian)	Unknown	Fix Released
537297	security backports	ffmpeg (Ubuntu Intrepid)	Undecided	Invalid
537297	security backports	ffmpeg (Ubuntu Jaunty)	Undecided	Won't Fix
537297	security backports	ffmpeg (Ubuntu Lucid)	Medium	Fix Released
537297	security backports	ffmpeg (Ubuntu Karmic)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

References

MISC: http://scarybeastsecur...
MISC: https://roundup.ffmpeg...
DEBIAN: DSA-2000
BID: 36465
SECUNIA: 36805
SECUNIA: 38643
UBUNTU: USN-931-1
SECUNIA: 39482
VUPEN: ADV-2010-0935
MANDRIVA: MDVSA-2011:059
MANDRIVA: MDVSA-2011:060
MANDRIVA: MDVSA-2011:061
MANDRIVA: MDVSA-2011:088
VUPEN: ADV-2011-1241
MANDRIVA: MDVSA-2011:112
MANDRIVA: MDVSA-2011:114