CVE-2006-4800

ffmpeg <0.4.9_p20060530 - Buffer Overflow

Description

Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.

References (22)

Core References
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2006:174
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22181
Vendor Advisory vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2006_73_mono.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22230
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22201
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/20009
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/23010
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-358-1
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/23213
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22200
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22198
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2006:173
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21921
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2006:176
Third Party Advisory vendor-advisory x_refsource_debian
http://www.us.debian.org/security/2006/dsa-1215
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22182
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2006:175
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22180
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22203
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22202
Issue Tracking x_refsource_misc
http://bugs.gentoo.org/show_bug.cgi?id=133520
Patch, Vendor Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200609-09.xml

Scores

EPSS 0.0630
EPSS Percentile 91.1%

Details

Status published
Products (4)
ffmpeg/ffmpeg 0.4.6
ffmpeg/ffmpeg 0.4.7
ffmpeg/ffmpeg 0.4.8
ffmpeg/ffmpeg 0.4.9
Published Sep 14, 2006
Tracked Since Feb 18, 2026