FFmpeg Exploit Fixed in Ubuntu 10.04 LTS

Users just have to upgrade the system in order to correct the problem

On December 19, Canonical published details about MySQL vulnerabilities for 10.04 LTS operating systems.

According to Canonical, FFmpeg could have been made to crash or run programs as the users login, if it opened a specially crafted file.

It was discovered that FFmpeg incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.

For a more detailed description of the security problems in question, you can visit Canonical's security notification.

Users can simply fix the security flaws by upgrading the operating systems to the latest libavformat52 and libavcodec52 package, specific to each distribution.

A normal system update, executed with the Update Manager, will implement all the necessary changes. A complete system restart is not necessary.

Hot right now  ·  Latest news