MGASA-2013-0182

ffmpeg prior to 1.1.5 contains several security vulnerabilities

• CVE-2013-3671: The format_line function in log.c in libavutil uses inapplicable offset data during a certain category calculation, which allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via crafted data that triggers a log message.

• CVE-2013-3672: The mmdecodeinter function in mmvideo.c in libavcodec does not validate the relationship between a horizontal coordinate and a width value, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted American Laser Games (ALG) MM Video data.

• CVE-2013-3673: The gifdecodeframe function in gifdec.c in libavcodec does not properly manage the disposal methods of frames, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted GIF data.

• CVE-2013-3674: The cdgdecodeframe function in cdgraphics.c in libavcodec does not validate the presence of non-header data in a buffer, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted CD Graphics Video data.

The ffmpeg packages have been updated to fix above security vulnerabilities, with extra bugs-fixes.