Home page logo

oss-sec logo oss-sec mailing list archives

Re: CVE Request: ffmpeg
From: Kurt Seifried <kseifried () redhat com>
Date: Sun, 04 Dec 2011 11:36:31 -0700

On 12/04/2011 04:06 AM, Marc Deslauriers wrote:

This doesn't seem to have a CVE:

An error within the "svq1_decode_frame()" function
(libavcodec/svq1dec.c) can be exploited to corrupt memory.





The secunia page lists 3 CVE's and 4 issues with no mappings to CVE's to
issues that I can see. Can you reply with the mapping information that
you used to determine that this issue was not assigned a CVE (as opposed
to one of the other issues)?. Also can you confirm or proove that these
4 issues are all separate and that two of them have not been merged
(thus obviating any need for a third CVE)? Thanks in advance. If anyone
from Secunia is on this list I'd love to hear from you/any comments on
this issue are more then welcome.


-Kurt Seifried / Red Hat Security Response Team

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]