Language Selection

English French German Italian Portuguese Spanish

Alleged critical holes in Xvid

Filed under
Security

According to reports from several security services, the Xvid 1.1.2 Video Codec Library has a security hole which attackers could use to gain control over a PC. For a successful attack, a victim only needs to open a prepared Xvid-AVI file with an application which makes calls to the library. Both Windows and Linux applications are affected.

The errors are located in the file mbcoding.c in the get_intra_block, get_inter_block_h263 and get_inter_block_mpeg functions. Array indexing errors can lead to an overrun which throws parts of the memory into confusion.

The problem is not restricted to AVI files alone but also affects all container formats such as MP4, Ogg and Matroska.

More Here.




More in Tux Machines

Openwashing

Games for GNU/Linux

Security News

Tablet review: BQ Aquaris M10 Ubuntu Edition

The Aquaris M10 is very much a first attempt for BQ and you would expect future iterations to have some significant improvements. It’s also hard to find compelling reasons why iOS or Android fans would want to switch over to an Ubuntu tablet, but those familiar with the operating system should be excited to finally have their needs met in the tablet market. One positive factor is that switching between tablet and desktop mode works very well for the most part, so can definitely fulfill professional needs as much as casual ones. This could be a viable option for someone who wants that flexibility and isn’t too fussed about some of the more superficial features. Read more