[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis)

Good day.

Mon, Nov 24, 2008 at 03:17:05PM +0700, svrt wrote:
> In Oct 2008, SVRT-Bkis has detected a serious buffer overflow vulnerability
> in ffdshow which affects all available internet browsers.
Really?  And links, elinks, lynx, dillo and others are affected too?
What about my Firefox that (I assume) has no ffdshow code inside it and
there are no ffdshow-related plugins coupled to it?  Is it vulnerable?

I am really appreciate that you're searching for the issues and
releasing advisories -- thanks for doing this!  But, please, use the
appropriate wording, or your advisories will lead to controversial

Sorry for being a bit bluffy :(