USN-309-1: libmms vulnerability

Publication date

6 July 2006

Overview

libmms vulnerability

Releases


Details

Several buffer overflows were found in libmms. By tricking a user into
opening a specially crafted remote multimedia stream with an
application using libmms, a remote attacker could overwrite an
arbitrary memory portion with zeros, thereby crashing the program.

In Ubuntu 5.10, this affects the GStreamer MMS plugin
(gstreamer0.8-mms). Other Ubuntu releases do not support this library.

Several buffer overflows were found in libmms. By tricking a user into
opening a specially crafted remote multimedia stream with an
application using libmms, a remote attacker could overwrite an
arbitrary memory portion with zeros, thereby crashing the program.

In Ubuntu 5.10, this affects the GStreamer MMS plugin
(gstreamer0.8-mms). Other Ubuntu releases do not support this library.

Update instructions

In general, a standard system upgrade is sufficient to effect the necessary changes.

Learn more about how to get the fixes.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release Package Version
5.10 breezy libmms0 –  0.1-0ubuntu1.1

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.


Have additional questions?

Talk to a member of the team ›