Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4867

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-4867
Last Modified 26 Mar 2009 01:46:04
Published 31 Oct 2008 08:00:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4867

Summary

Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as used by MPlayer, allows context-dependent attackers to have an unknown impact via vectors related to an incorrect DCA_MAX_FRAME_SIZE value.

Vulnerable Systems

Application

  • Ffmpeg 0.3

  • Ffmpeg 0.3.1

  • Ffmpeg 0.3.2

  • Ffmpeg 0.3.3

  • Ffmpeg 0.3.4

  • Ffmpeg 0.4.0

  • Ffmpeg 0.4.2

  • Ffmpeg 0.4.3

  • Ffmpeg 0.4.4

  • Ffmpeg 0.4.5

  • Ffmpeg 0.4.6

  • Ffmpeg 0.4.7

  • Ffmpeg 0.4.8

  • Ffmpeg 0.4.9


References

XF - ffmpeg-dca-bo(46324)

UBUNTU - USN-734-1

BID - 33308

MLIST - [oss-security] 20081029 Fwd: [Full-disclosure] [PLSA 2008-36] Ffmpeg: Multiple vulnerabilities

MANDRIVA - MDVSA-2009:015

MANDRIVA - MDVSA-2009:014

MANDRIVA - MDVSA-2009:013

GENTOO - GLSA-200903-33

SECUNIA - 34385

SECUNIA - 34296

MLIST - [ffmpeg-cvslog] 20080823 r14917 - trunk/libavcodec/dca.c

FULLDISC - 20080905 [PLSA 2008-36] Ffmpeg: Multiple vulnerabilities


Last Updated: 27 May 2016 10:48:39