Summary
The remote host is missing an update to ffmpeg
announced via advisory DSA 2494-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202494-1
Insight
It was discovered that ffmpeg, Debian's version of the libav media codec suite, contains vulnerabilities in the DPCM codecs (CVE-2011-3951), H.264 (CVE-2012-0851), ADPCM (CVE-2012-0852), and the KMVC decoder (CVE-2011-3952).
In addition, this update contains bug fixes from the libav 0.5.9 upstream release.
For the stable distribution (squeeze), these problems have been fixed in version 4:0.5.9-1.
For the unstable distribution (sid), these problems have been fixed in version 6:0.8.3-1.
We recommend that you upgrade your ffmpeg packages.
Severity
Classification
-
CVE CVE-2011-3951, CVE-2011-3952, CVE-2012-0851, CVE-2012-0852 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities