Gentoo Security Advisory GLSA 200903-33 (ffmpeg Gst-plugins-ffmpeg Mplayer) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200903-33.

Solution

All FFmpeg users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-video/ffmpeg-0.4.9_p20090201' All gst-plugins-ffmpeg users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-plugins/gst-plugins-ffmpeg-0.10.5' All Mplayer users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-video/mplayer-1.0_rc2_p28450' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200903-33 http://bugs.gentoo.org/show_bug.cgi?id=231831 http://bugs.gentoo.org/show_bug.cgi?id=231834 http://bugs.gentoo.org/show_bug.cgi?id=245313 http://bugs.gentoo.org/show_bug.cgi?id=257217 http://bugs.gentoo.org/show_bug.cgi?id=257381

Insight

Multiple vulnerabilities in FFmpeg may lead to the remote execution of arbitrary code or a Denial of Service.

Severity

Classification

CVE CVE-2008-3162, CVE-2008-4866, CVE-2008-4867, CVE-2008-4868, CVE-2008-4869, CVE-2009-0385

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Gentoo Security Advisory GLSA 200903-33 (ffmpeg gst-plugins-ffmpeg mplayer)

Take action and discover your vulnerabilities