CVE-2006-4799

Common Vulnerabilities and Exposures

Upstream information

CVE-2006-4799 at MITRE

Description

Buffer overflow in ffmpeg for xine-lib before 1.1.2 might allow context-dependent attackers to execute arbitrary code via a crafted AVI file and "bad indexes", a different vulnerability than CVE-2005-4048 and CVE-2006-2802.

Novell/SUSE information

Novell Bugzilla entry: 222892

SUSE Security Advisories:

SUSE-SA:2006:073, published Fri, 01 Dec 2006 16:00:00 +0000

List of released packages

Product(s)	Fixed package version(s)	References
SUSE LINUX 10.0	`xine-lib >= 1.1.0-12.7` `xine-lib-32bit >= 1.1.0-12.7` `xine-lib-64bit >= 1.1.0-12.7`
SUSE LINUX 10.1	`xine-lib >= 1.1.1-24.10` `xine-lib-32bit >= 1.1.1-24.10` `xine-lib-64bit >= 1.1.1-24.10`
SUSE LINUX 9.3	`xine-lib >= 1.0-10.9` `xine-lib-32bit >= 9.3-7.4`
SLES SDK 9 for IPF	`xine-lib >= 0.99.rc3a-106.31` `xine-lib-x86 >= 9-200611230129`	core9.s390 sles9-nld.x86 YOU Patch Nr: 11311 ZYPP Patch Nr: 2307
SLES SDK 9 for IBM iSeries and IBM pSeries	`xine-lib >= 0.99.rc3a-106.31` `xine-lib-64bit >= 9-200611230121`	core9.s390 sles9-nld.x86 YOU Patch Nr: 11311 ZYPP Patch Nr: 2307
Novell Linux Desktop 9 for x86 SLES SDK 9 for IBM S/390 and IBM zSeries SLES SDK 9 for x86	`xine-lib >= 0.99.rc3a-106.31`	core9.s390 sles9-nld.x86 YOU Patch Nr: 11311 ZYPP Patch Nr: 2307
SLES SDK 9 for IBM zSeries	`xine-lib >= 0.99.rc3a-106.31` `xine-lib-32bit >= 9-200611230107`	core9.s390 sles9-nld.x86 YOU Patch Nr: 11311 ZYPP Patch Nr: 2307
Novell Linux Desktop 9 for x86_64 SLES SDK 9 for X86-64	`xine-lib >= 0.99.rc3a-106.31` `xine-lib-32bit >= 9-200611230135`	core9.s390 sles9-nld.x86 YOU Patch Nr: 11311 ZYPP Patch Nr: 2307

Products

Products By Category

Collaboration

Endpoint Management

File & Networking Services

Services & Support

Help Yourself

Let Us Help

Download

IT Consulting

Technical Training

Customer Center

Contribute

Partners

Partner With Novell

PartnerNet

Find a Partner

Developers

Communities

About Novell

How to Buy