Hi, Am 31.07.2012 13:43, schrieb IOhannes m zmoelnig: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > hi all, > > while fixing gmerlin-avdec support for Gem on OSX i noticed, that > gmerlin-avdecoder freezes the system when opening certain files.
Can reproduce this with bgavdump -s on Linux. > in other words: i discovered a vulnerability of gmerlin-avdec, that > allows a remote attacker to freeze a host computer via a carefully > crafted media-file. Only for OSes where frozen program == frozen computer :) But anyway this needs to be fixed of course. I'll look into this. Burkhard ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Gmerlin-general mailing list Gmerlin-general@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/gmerlin-general
