ID CVE-2006-4800
Summary Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.
References
Vulnerable Configurations
  • cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*
  • cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*
  • cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 30-10-2018 - 16:25)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
Vector: NETWORK
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 20009
debian DSA-1215
gentoo GLSA-200609-09
mandriva
  • MDKSA-2006:173
  • MDKSA-2006:174
  • MDKSA-2006:175
  • MDKSA-2006:176
misc http://bugs.gentoo.org/show_bug.cgi?id=133520
secunia
  • 21921
  • 22180
  • 22181
  • 22182
  • 22198
  • 22200
  • 22201
  • 22202
  • 22203
  • 22230
  • 23010
  • 23213
suse SUSE-SA:2006:073
ubuntu USN-358-1
Last major update 30-10-2018 - 16:25
Published 14-09-2006 - 22:07
Last modified 30-10-2018 - 16:25