7.5

CVE-2006-4800

Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c.  NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FfmpegFfmpeg Version0.4.6
FfmpegFfmpeg Version0.4.7
FfmpegFfmpeg Version0.4.8
FfmpegFfmpeg Version0.4.9
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.9% 0.91
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/22230
http://secunia.com/advisories/23010
http://secunia.com/advisories/23213
http://www.novell.com/linux/security/advisories/2006_73_mono.html
http://www.ubuntu.com/usn/usn-358-1
http://www.us.debian.org/security/2006/dsa-1215
http://bugs.gentoo.org/show_bug.cgi?id=133520
http://secunia.com/advisories/21921
Patch
Vendor Advisory
http://secunia.com/advisories/22180
http://secunia.com/advisories/22181
http://secunia.com/advisories/22182
http://secunia.com/advisories/22198
http://secunia.com/advisories/22200
http://secunia.com/advisories/22201
http://secunia.com/advisories/22202
http://secunia.com/advisories/22203
http://security.gentoo.org/glsa/glsa-200609-09.xml
Patch
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:173
http://www.mandriva.com/security/advisories?name=MDKSA-2006:174
http://www.mandriva.com/security/advisories?name=MDKSA-2006:175
http://www.mandriva.com/security/advisories?name=MDKSA-2006:176
http://www.securityfocus.com/bid/20009
Patch