advisories/10506.adv

type: security
subject: Updated ffmpeg packages fix several security vulnerabilities
CVE:
 - CVE-2013-3671
 - CVE-2013-3672
 - CVE-2013-3673
 - CVE-2013-3674
src:
  3:
   core:
    - ffmpeg-1.1.5-1.mga3
   tainted:
    - ffmpeg-1.1.5-1.mga3.tainted
description: |
  ffmpeg prior to 1.1.5 contains several security vulnerabilities
  
  * CVE-2013-3671:
  The format_line function in log.c in libavutil uses inapplicable offset
  data during a certain category calculation, which allows remote attackers
  to cause a denial of service (invalid pointer dereference and application
  crash) via crafted data that triggers a log message.

  * CVE-2013-3672:
  The mm_decode_inter function in mmvideo.c in libavcodec does not validate
  the relationship between a horizontal coordinate and a width value, which
  allows remote attackers to cause a denial of service (out-of-bounds array
  access and application crash) via crafted American Laser Games (ALG) MM
  Video data.

  * CVE-2013-3673:
  The gif_decode_frame function in gifdec.c in libavcodec does not properly
  manage the disposal methods of frames, which allows remote attackers to
  cause a denial of service (out-of-bounds array access and application crash)
  via crafted GIF data.

  * CVE-2013-3674:
  The cdg_decode_frame function in cdgraphics.c in libavcodec does not validate
  the presence of non-header data in a buffer, which allows remote attackers to
  cause a denial of service (out-of-bounds array access and application crash)
  via crafted CD Graphics Video data.

  The ffmpeg packages have been updated to fix above security vulnerabilities,
  with extra bugs-fixes.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=10506
1	type: security
2	subject: Updated ffmpeg packages fix several security vulnerabilities
3	CVE:
4	- CVE-2013-3671
5	- CVE-2013-3672
6	- CVE-2013-3673
7	- CVE-2013-3674
8	src:
9	3:
10	core:
11	- ffmpeg-1.1.5-1.mga3
12	tainted:
13	- ffmpeg-1.1.5-1.mga3.tainted
14	description: \|
15	ffmpeg prior to 1.1.5 contains several security vulnerabilities
16
17	* CVE-2013-3671:
18	The format_line function in log.c in libavutil uses inapplicable offset
19	data during a certain category calculation, which allows remote attackers
20	to cause a denial of service (invalid pointer dereference and application
21	crash) via crafted data that triggers a log message.
22
23	* CVE-2013-3672:
24	The mm_decode_inter function in mmvideo.c in libavcodec does not validate
25	the relationship between a horizontal coordinate and a width value, which
26	allows remote attackers to cause a denial of service (out-of-bounds array
27	access and application crash) via crafted American Laser Games (ALG) MM
28	Video data.
29
30	* CVE-2013-3673:
31	The gif_decode_frame function in gifdec.c in libavcodec does not properly
32	manage the disposal methods of frames, which allows remote attackers to
33	cause a denial of service (out-of-bounds array access and application crash)
34	via crafted GIF data.
35
36	* CVE-2013-3674:
37	The cdg_decode_frame function in cdgraphics.c in libavcodec does not validate
38	the presence of non-header data in a buffer, which allows remote attackers to
39	cause a denial of service (out-of-bounds array access and application crash)
40	via crafted CD Graphics Video data.
41
42	The ffmpeg packages have been updated to fix above security vulnerabilities,
43	with extra bugs-fixes.
44	references:
45	- https://bugs.mageia.org/show_bug.cgi?id=10506