Hi Steffen, * Steffen Joeris <[EMAIL PROTECTED]> [2007-12-04 13:05]: > On Tue, 4 Dec 2007 10:20:59 am you wrote: > > On Tue, Dec 04, 2007, Steffen Joeris wrote: > > > I was just reading through the bugreport. Can you please elaborate, under > > > which circumstances a potential DoS can be performed? At the moment, the > > > whole issue does not sound very important, but I would like to wait for > > > your explanation :) > > > > My understanding is that a SEGV while playing a MPEG file is a > > potential security hole, as it can be exploited from videos on the web > > or similar. > > > > I didn't investigate whether this crash is exploitable. > If a Denial of Service attack can be launched, then a SEGV is a security > hole, > yes. I was just wondering, because the security tag is set.
Well, a SEGV is basically memory corruption and not just a DoS. Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpOvObZkG4XZ.pgp
Description: PGP signature

