Mandriva Linux Security Advisory 2009:335: ffmpeg

42

A vulnerability was discovered and corrected in ffmpeg:

MPlayer allows remote attackers to cause a denial of service
(application crash) via (1) a malformed AAC file, as demonstrated
by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as
demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718
(CVE-2008-4610).

Packages for 2008.0 are being provided due to extended support for
Corporate products.

This update provides a solution to this vulnerability.