Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4868

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-4868
Last Modified 26 Mar 2009 01:46:05
Published 31 Oct 2008 08:00:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4868

Summary

Unspecified vulnerability in the avcodec_close function in libavcodec/utils.c in FFmpeg 0.4.9 before r14787, as used by MPlayer, has unknown impact and attack vectors, related to a free "on random pointers."

Vulnerable Systems

Application

  • Ffmpeg 0.3

  • Ffmpeg 0.3.1

  • Ffmpeg 0.3.2

  • Ffmpeg 0.3.3

  • Ffmpeg 0.3.4

  • Ffmpeg 0.4.0

  • Ffmpeg 0.4.2

  • Ffmpeg 0.4.3

  • Ffmpeg 0.4.4

  • Ffmpeg 0.4.5

  • Ffmpeg 0.4.6

  • Ffmpeg 0.4.7

  • Ffmpeg 0.4.8

  • Ffmpeg 0.4.9


References

XF - ffmpeg-avcodecclose-unspecified(46325)

MLIST - [oss-security] 20081029 Fwd: [Full-disclosure] [PLSA 2008-36] Ffmpeg: Multiple vulnerabilities

GENTOO - GLSA-200903-33

SECUNIA - 34385

MLIST - [ffmpeg-cvslog] 20080816 r14787 - trunk/libavcodec/utils.c

FULLDISC - 20080905 [PLSA 2008-36] Ffmpeg: Multiple vulnerabilities


Last Updated: 27 May 2016 10:48:39