advisories/10506.adv

type: security
subject: Updated ffmpeg packages fix several security vulnerabilities
CVE:
 - CVE-2013-3671
 - CVE-2013-3672
 - CVE-2013-3673
 - CVE-2013-3674
src:
  3:
   core:
    - ffmpeg-1.1.5-1.mga3
   tainted:
    - ffmpeg-1.1.5-1.mga3.tainted
description: |
  ffmpeg prior to 1.1.5 contains several security vulnerabilities
  
  * CVE-2013-3671:
  The format_line function in log.c in libavutil uses inapplicable offset
  data during a certain category calculation, which allows remote attackers
  to cause a denial of service (invalid pointer dereference and application
  crash) via crafted data that triggers a log message.

  * CVE-2013-3672:
  The mm_decode_inter function in mmvideo.c in libavcodec does not validate
  the relationship between a horizontal coordinate and a width value, which
  allows remote attackers to cause a denial of service (out-of-bounds array
  access and application crash) via crafted American Laser Games (ALG) MM
  Video data.

  * CVE-2013-3673:
  The gif_decode_frame function in gifdec.c in libavcodec does not properly
  manage the disposal methods of frames, which allows remote attackers to
  cause a denial of service (out-of-bounds array access and application crash)
  via crafted GIF data.

  * CVE-2013-3674:
  The cdg_decode_frame function in cdgraphics.c in libavcodec does not validate
  the presence of non-header data in a buffer, which allows remote attackers to
  cause a denial of service (out-of-bounds array access and application crash)
  via crafted CD Graphics Video data.

  The ffmpeg packages have been updated to fix above security vulnerabilities,
  with extra bugs-fixes.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=10506
ID: MGASA-2013-0182
1	claire	77	type: security
2			subject: Updated ffmpeg packages fix several security vulnerabilities
3			CVE:
4			- CVE-2013-3671
5			- CVE-2013-3672
6			- CVE-2013-3673
7			- CVE-2013-3674
8			src:
9			3:
10			core:
11			- ffmpeg-1.1.5-1.mga3
12			tainted:
13			- ffmpeg-1.1.5-1.mga3.tainted
14			description: \|
15			ffmpeg prior to 1.1.5 contains several security vulnerabilities
16
17			* CVE-2013-3671:
18			The format_line function in log.c in libavutil uses inapplicable offset
19			data during a certain category calculation, which allows remote attackers
20			to cause a denial of service (invalid pointer dereference and application
21			crash) via crafted data that triggers a log message.
22
23			* CVE-2013-3672:
24			The mm_decode_inter function in mmvideo.c in libavcodec does not validate
25			the relationship between a horizontal coordinate and a width value, which
26			allows remote attackers to cause a denial of service (out-of-bounds array
27			access and application crash) via crafted American Laser Games (ALG) MM
28			Video data.
29
30			* CVE-2013-3673:
31			The gif_decode_frame function in gifdec.c in libavcodec does not properly
32			manage the disposal methods of frames, which allows remote attackers to
33			cause a denial of service (out-of-bounds array access and application crash)
34			via crafted GIF data.
35
36			* CVE-2013-3674:
37			The cdg_decode_frame function in cdgraphics.c in libavcodec does not validate
38			the presence of non-header data in a buffer, which allows remote attackers to
39			cause a denial of service (out-of-bounds array access and application crash)
40			via crafted CD Graphics Video data.
41
42			The ffmpeg packages have been updated to fix above security vulnerabilities,
43			with extra bugs-fixes.
44			references:
45			- https://bugs.mageia.org/show_bug.cgi?id=10506
46	boklm	94	ID: MGASA-2013-0182