Ubuntu Security Notice USN-309-1
6th July, 2006
libmms vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 5.10
Details
Several buffer overflows were found in libmms. By tricking a user into
opening a specially crafted remote multimedia stream with an
application using libmms, a remote attacker could overwrite an
arbitrary memory portion with zeros, thereby crashing the program.
In Ubuntu 5.10, this affects the GStreamer MMS plugin
(gstreamer0.8-mms). Other Ubuntu releases do not support this library.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 5.10:
- libmms0 0.1-0ubuntu1.1
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system upgrade is sufficient to effect the
necessary changes.