FFmpeg libavformat 'psxstr.c' STR Data Heap Based Buffer Overflow Vulnerability
Written by astrange   
Friday, 20 March 2009 23:06


-\\Bugtraq ID:
30154

-\\Class:
Boundary Condition Error

-\\CVE:
CVE-2008-3162


-\\Remote:
Yes

-\\Local:
No

-\\Published:
Jul 09 2008 12:00AM

-\\Updated:
Mar 20 2009 06:36PM

-\\Credit:
astrange



-\\Vulnerable:
Ubuntu Ubuntu Linux  8.04 LTS sparc
Ubuntu Ubuntu Linux  8.04 LTS powerpc
Ubuntu Ubuntu Linux  8.04 LTS lpia
Ubuntu Ubuntu Linux  8.04 LTS i386
Ubuntu Ubuntu Linux  8.04 LTS amd64
Ubuntu Ubuntu Linux  7.10 sparc
Ubuntu Ubuntu Linux  7.10 powerpc
Ubuntu Ubuntu Linux  7.10 lpia
Ubuntu Ubuntu Linux  7.10 i386
Ubuntu Ubuntu Linux  7.10 amd64
MandrakeSoft Linux Mandrake  2008.1 x86_64
MandrakeSoft Linux Mandrake  2008.1
MandrakeSoft Linux Mandrake  2008.0 x86_64
MandrakeSoft Linux Mandrake  2008.0
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server  4.0
Gentoo Linux  
FFmpeg FFmpeg  CVS
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64



-\\Discussion
The 'libavformat' library from FFmpeg is prone to a remote heap-based buffer-overflow vulnerability
because of insufficient boundary checks when parsing STR data.

Remote attackers can exploit this issue by enticing victims into opening maliciously crafted STR
files with an application that uses the affected library.

Successful exploits may allow attackers to execute arbitrary code within the context of an affected
application. Failed exploit attempts will likely result in a denial of service.



-\\Exploit(s)/PoC(s):
The following proof-of-concept image file is available:


============================
http://www.securityfocus.com/data/vulnerabilities/exploits/logo.iki



-\\Solution
Vendor fixes are available in the SVN repository. Please see the references for more information.



-\\Reference(s)
--FFmpeg Homepage
http://ffmpeg.mplayerhq.hu  (FFmpeg)
--Issue311 Crash demuxing STR with badly interleaved audio
https://roundup.mplayerhq.hu/roundup/ffmpeg/issue31  (FFmpeg)
--Revision 13993
http://svn.mplayerhq.hu/ffmpeg?view=rev&revision=1399  (FFmpeg)