[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-4800Date: (C)2006-09-14   (M)2023-12-22


Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
BID-20009
SECUNIA-21921
SECUNIA-22180
SECUNIA-22181
SECUNIA-22182
SECUNIA-22198
SECUNIA-22200
SECUNIA-22201
SECUNIA-22202
SECUNIA-22203
SECUNIA-22230
SECUNIA-23010
SECUNIA-23213
DSA-1215
GLSA-200609-09
MDKSA-2006:173
MDKSA-2006:174
MDKSA-2006:175
MDKSA-2006:176
SUSE-SA:2006:073
USN-358-1
http://bugs.gentoo.org/show_bug.cgi?id=133520

CPE    4
cpe:/a:ffmpeg:ffmpeg:0.4.6
cpe:/a:ffmpeg:ffmpeg:0.4.7
cpe:/a:ffmpeg:ffmpeg:0.4.8
cpe:/a:ffmpeg:ffmpeg:0.4.9_pre1
...

© SecPod Technologies