Ubuntu Security Notice USN-230-1
14th December, 2005
ffmpeg vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 5.04
Details
Simon Kilvington discovered a buffer overflow in the
avcodec_default_get_buffer() function of the ffmpeg library. By
tricking an user into opening a malicious movie which contains
specially crafted PNG images, this could be exploited to execute
arbitrary code with the user's privileges.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 5.04:
- kino
- libavcodec-dev
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
None