Language Selection

English French German Italian Portuguese Spanish

Alleged critical holes in Xvid

Filed under
Security

According to reports from several security services, the Xvid 1.1.2 Video Codec Library has a security hole which attackers could use to gain control over a PC. For a successful attack, a victim only needs to open a prepared Xvid-AVI file with an application which makes calls to the library. Both Windows and Linux applications are affected.

The errors are located in the file mbcoding.c in the get_intra_block, get_inter_block_h263 and get_inter_block_mpeg functions. Array indexing errors can lead to an overrun which throws parts of the memory into confusion.

The problem is not restricted to AVI files alone but also affects all container formats such as MP4, Ogg and Matroska.

More Here.




More in Tux Machines

KDE Plasma 5.7.2 Introduces Lots of Plasma Workspace Improvements, KWin Fixes

KDE released the second maintenance update for the KDE Plasma 5.7 desktop environment series, which has already been adopted by several popular GNU/Linux operating systems. Read more

Gain access to an ARM server running Linux OS, through the cloud

The Linaro Developer Cloud has gone live, and users can apply to test an ARM-based server with Linux Read more

SparkyLinux Now Lets Users Test Drive Linux Kernel 4.7, Here's How to Install It

Just one day after the announcement of the GA release of the Linux 4.7 kernel, the SparkyLinux developers inform their users that they can now test drive the new kernel from the unstable repository. Read more

Clear Linux Is Among the First Distros to Adopt Kernel 4.7, X.Org Server 1.18.4

Today, July 26, 2016, Softpedia was informed by the Clear Linux team about the availability of new software updates for the GNU/Linux operating system designed for the Intel architecture. Read more