ID CVE-2009-4634 Type cve Reporter NVD Modified 2011-10-25T22:44:04
Description
Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that (1) bypasses a validation check in vorbis_dec.c and triggers a wraparound of the stack pointer, or (2) access a pointer from out-of-bounds memory in mov.c, related to an elst tag that appears before a tag that creates a stream.
{"assessment": {"system": "", "name": "", "href": ""}, "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "type": "cve", "viewCount": 1, "bulletinFamily": "NVD", "scanner": [], "edition": 1, "cvelist": ["CVE-2009-4634"], "published": "2010-02-09T21:30:00", "objectVersion": "1.2", "history": [], "title": "CVE-2009-4634", "reporter": "NVD", "hash": "8be6f987ecbd3a699034fccad915030b2936d65d80bb928f0755b7622049aab9", "lastseen": "2016-09-03T13:14:34", "id": "CVE-2009-4634", "description": "Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that (1) bypasses a validation check in vorbis_dec.c and triggers a wraparound of the stack pointer, or (2) access a pointer from out-of-bounds memory in mov.c, related to an elst tag that appears before a tag that creates a stream.", "modified": "2011-10-25T22:44:04", "references": ["http://www.mandriva.com/security/advisories?name=MDVSA-2011:059", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061", "http://www.securityfocus.com/bid/36465", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:112", "http://www.debian.org/security/2010/dsa-2000", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:114", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060", "http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088", "http://www.vupen.com/english/advisories/2011/1241", "http://www.ubuntu.com/usn/USN-931-1", "https://roundup.ffmpeg.org/roundup/ffmpeg/issue1240", "http://www.vupen.com/english/advisories/2010/0935"], "cpe": ["cpe:/a:ffmpeg:ffmpeg:0.5"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4634", "enchantments": {"vulnersScore": 6.8}}
{"result": {"nessus": [{"id": "MANDRIVA_MDVSA-2011-060.NASL", "type": "nessus", "title": "Mandriva Linux Security Advisory : ffmpeg (MDVSA-2011:060)", "description": "Multiple vulnerabilities has been identified and fixed in ffmpeg :\n\noggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read. (CVE-2009-4632)\n\nvorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow. (CVE-2009-4633)\n\nMultiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that (1) bypasses a validation check in vorbis_dec.c and triggers a wraparound of the stack pointer, or (2) access a pointer from out-of-bounds memory in mov.c, related to an elst tag that appears before a tag that creates a stream. (CVE-2009-4634)\n\nFFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause (1) mov.c and (2) utils.c to use inconsistent codec types and identifiers, which causes the mp3 decoder to process a pointer for a video structure, leading to a stack-based buffer overflow. (CVE-2009-4635)\n\nThe av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) via a crafted AVI file that triggers a divide-by-zero error. (CVE-2009-4639)\n\nArray index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read.\n(CVE-2009-4640)\n\nflicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an arbitrary offset dereference vulnerability. (CVE-2010-3429)\n\nlibavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted .ogg file, related to the vorbis_floor0_decode function. (CVE-2010-4704)\n\nAnd several additional vulnerabilities originally discovered by Google Chrome developers were also fixed with this advisory.\n\nPackages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been patched to correct these issues.", "published": "2011-04-04T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=53272", "cvelist": ["CVE-2010-3429", "CVE-2009-4639", "CVE-2009-4633", "CVE-2009-4635", "CVE-2010-4704", "CVE-2011-2162", "CVE-2009-4634", "CVE-2009-4640", "CVE-2009-4632"], "lastseen": "2017-10-29T13:43:57"}, {"id": "UBUNTU_USN-931-1.NASL", "type": "nessus", "title": "Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : ffmpeg, ffmpeg-debian vulnerabilities (USN-931-1)", "description": "It was discovered that FFmpeg contained multiple security issues when handling certain multimedia files. If a user were tricked into opening a crafted multimedia file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2010-04-20T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=45575", "cvelist": ["CVE-2009-4637", "CVE-2009-4638", "CVE-2009-4639", "CVE-2009-4633", "CVE-2009-4635", "CVE-2009-4634", "CVE-2009-4640", "CVE-2009-4632"], "lastseen": "2017-10-29T13:33:55"}, {"id": "DEBIAN_DSA-2000.NASL", "type": "nessus", "title": "Debian DSA-2000-1 : ffmpeg-debian - several vulnerabilities", "description": "Several vulnerabilities have been discovered in ffmpeg, a multimedia player, server and encoder, which also provides a range of multimedia libraries used in applications like MPlayer :\n\nVarious programming errors in container and codec implementations may lead to denial of service or the execution of arbitrary code if the user is tricked into opening a malformed media file or stream.\n\nThe implementations of the following affected codecs and container formats have been updated :\n\n - the Vorbis audio codec\n - the Ogg container implementation\n\n - the FF Video 1 codec\n\n - the MPEG audio codec\n\n - the H264 video codec\n\n - the MOV container implementation\n\n - the Oggedc container implementation", "published": "2010-02-24T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=44864", "cvelist": ["CVE-2009-4637", "CVE-2009-4638", "CVE-2009-4633", "CVE-2009-4635", "CVE-2009-4634", "CVE-2009-4631", "CVE-2009-4640", "CVE-2009-4632", "CVE-2009-4636"], "lastseen": "2017-10-29T13:34:56"}, {"id": "MANDRIVA_MDVSA-2011-088.NASL", "type": "nessus", "title": "Mandriva Linux Security Advisory : mplayer (MDVSA-2011:088)", "description": "Multiple vulnerabilities have been identified and fixed in mplayer :\n\noggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read. (CVE-2009-4632)\n\nvorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow. (CVE-2009-4633)\n\nMultiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that (1) bypasses a validation check in vorbis_dec.c and triggers a wraparound of the stack pointer, or (2) access a pointer from out-of-bounds memory in mov.c, related to an elst tag that appears before a tag that creates a stream. (CVE-2009-4634)\n\nFFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause (1) mov.c and (2) utils.c to use inconsistent codec types and identifiers, which causes the mp3 decoder to process a pointer for a video structure, leading to a stack-based buffer overflow. (CVE-2009-4635)\n\nFFmpeg 0.5 allows remote attackers to cause a denial of service (hang) via a crafted file that triggers an infinite loop. (CVE-2009-4636)\n\nThe av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) via a crafted AVI file that triggers a divide-by-zero error. (CVE-2009-4639)\n\nArray index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read.\n(CVE-2009-4640)\n\nflicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an arbitrary offset dereference vulnerability. (CVE-2010-3429)\n\nlibavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted .ogg file, related to the vorbis_floor0_decode function. (CVE-2010-4704)\n\nAnd several additional vulnerabilities originally discovered by Google Chrome developers were also fixed with this advisory.\n\nPackages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been patched to correct these issues.", "published": "2011-05-17T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=54289", "cvelist": ["CVE-2010-3429", "CVE-2009-4639", "CVE-2009-4633", "CVE-2009-4635", "CVE-2010-4704", "CVE-2009-4634", "CVE-2009-4640", "CVE-2009-4632", "CVE-2009-4636"], "lastseen": "2017-10-29T13:40:19"}, {"id": "MANDRIVA_MDVSA-2011-114.NASL", "type": "nessus", "title": "Mandriva Linux Security Advisory : blender (MDVSA-2011:114)", "description": "Multiple vulnerabilities have been identified and fixed in blender :\n\noggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read. (CVE-2009-4632)\n\nvorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow. (CVE-2009-4633)\n\nMultiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that (1) bypasses a validation check in vorbis_dec.c and triggers a wraparound of the stack pointer, or (2) access a pointer from out-of-bounds memory in mov.c, related to an elst tag that appears before a tag that creates a stream. (CVE-2009-4634)\n\nFFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause (1) mov.c and (2) utils.c to use inconsistent codec types and identifiers, which causes the mp3 decoder to process a pointer for a video structure, leading to a stack-based buffer overflow. (CVE-2009-4635)\n\nFFmpeg 0.5 allows remote attackers to cause a denial of service (hang) via a crafted file that triggers an infinite loop. (CVE-2009-4636)\n\nArray index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read.\n(CVE-2009-4640)\n\nflicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an arbitrary offset dereference vulnerability. (CVE-2010-3429)\n\nlibavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted .ogg file, related to the vorbis_floor0_decode function. (CVE-2010-4704)\n\nFix heap corruption crashes (CVE-2011-0722)\n\nFix invalid reads in VC-1 decoding (CVE-2011-0723)\n\nThe updated packages have been patched to correct these issues.", "published": "2011-07-19T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=55615", "cvelist": ["CVE-2011-0723", "CVE-2010-3429", "CVE-2009-4633", "CVE-2009-4635", "CVE-2010-4704", "CVE-2009-4634", "CVE-2009-4640", "CVE-2009-4632", "CVE-2011-0722", "CVE-2009-4636"], "lastseen": "2017-10-29T13:35:13"}, {"id": "MANDRIVA_MDVSA-2011-061.NASL", "type": "nessus", "title": "Mandriva Linux Security Advisory : ffmpeg (MDVSA-2011:061)", "description": "Multiple vulnerabilities has been identified and fixed in ffmpeg :\n\noggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read. (CVE-2009-4632)\n\nvorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow. (CVE-2009-4633)\n\nMultiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that (1) bypasses a validation check in vorbis_dec.c and triggers a wraparound of the stack pointer, or (2) access a pointer from out-of-bounds memory in mov.c, related to an elst tag that appears before a tag that creates a stream. (CVE-2009-4634)\n\nFFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause (1) mov.c and (2) utils.c to use inconsistent codec types and identifiers, which causes the mp3 decoder to process a pointer for a video structure, leading to a stack-based buffer overflow. (CVE-2009-4635)\n\nFFmpeg 0.5 allows remote attackers to cause a denial of service (hang) via a crafted file that triggers an infinite loop. (CVE-2009-4636)\n\nThe av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) via a crafted AVI file that triggers a divide-by-zero error. (CVE-2009-4639)\n\nArray index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read.\n(CVE-2009-4640)\n\nflicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an arbitrary offset dereference vulnerability. (CVE-2010-3429)\n\nFix memory corruption in WMV parsing (CVE-2010-3908)\n\nlibavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted .ogg file, related to the vorbis_floor0_decode function. (CVE-2010-4704)\n\nMultiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted WebM file, related to buffers for (1) the channel floor and (2) the channel residue. (CVE-2011-0480)\n\nFix heap corruption crashes (CVE-2011-0722)\n\nFix invalid reads in VC-1 decoding (CVE-2011-0723)\n\nAnd several additional vulnerabilities originally discovered by Google Chrome developers were also fixed with this advisory.\n\nThe updated packages have been patched to correct these issues.", "published": "2011-04-04T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=53273", "cvelist": ["CVE-2011-0723", "CVE-2011-0480", "CVE-2010-3429", "CVE-2009-4639", "CVE-2009-4633", "CVE-2009-4635", "CVE-2010-4704", "CVE-2009-4634", "CVE-2009-4640", "CVE-2009-4632", "CVE-2011-0722", "CVE-2009-4636", "CVE-2010-3908"], "lastseen": "2017-10-29T13:42:56"}, {"id": "MANDRIVA_MDVSA-2011-112.NASL", "type": "nessus", "title": "Mandriva Linux Security Advisory : blender (MDVSA-2011:112)", "description": "Multiple vulnerabilities have been identified and fixed in blender :\n\noggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read. (CVE-2009-4632)\n\nvorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow. (CVE-2009-4633)\n\nMultiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that (1) bypasses a validation check in vorbis_dec.c and triggers a wraparound of the stack pointer, or (2) access a pointer from out-of-bounds memory in mov.c, related to an elst tag that appears before a tag that creates a stream. (CVE-2009-4634)\n\nFFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause (1) mov.c and (2) utils.c to use inconsistent codec types and identifiers, which causes the mp3 decoder to process a pointer for a video structure, leading to a stack-based buffer overflow. (CVE-2009-4635)\n\nFFmpeg 0.5 allows remote attackers to cause a denial of service (hang) via a crafted file that triggers an infinite loop. (CVE-2009-4636)\n\nThe av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) via a crafted AVI file that triggers a divide-by-zero error. (CVE-2009-4639)\n\nArray index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read.\n(CVE-2009-4640)\n\nflicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an arbitrary offset dereference vulnerability. (CVE-2010-3429)\n\nlibavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted .ogg file, related to the vorbis_floor0_decode function. (CVE-2010-4704)\n\nFix invalid reads in VC-1 decoding (CVE-2011-0723)\n\nPackages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been patched to correct these issues.", "published": "2011-07-19T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=55614", "cvelist": ["CVE-2011-0723", "CVE-2010-3429", "CVE-2009-4639", "CVE-2009-4633", "CVE-2009-4635", "CVE-2010-4704", "CVE-2009-4634", "CVE-2009-4640", "CVE-2009-4632", "CVE-2009-4636"], "lastseen": "2017-10-29T13:36:16"}, {"id": "GENTOO_GLSA-201310-12.NASL", "type": "nessus", "title": "GLSA-201310-12 : FFmpeg: Multiple vulnerabilities", "description": "The remote host is affected by the vulnerability described in GLSA-201310-12 (FFmpeg: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in FFmpeg. Please review the CVE identifiers and FFmpeg changelogs referenced below for details.\n Impact :\n\n A remote attacker could entice a user to open a specially crafted media file, possibly leading to the execution of arbitrary code with the privileges of the user running the application or a Denial of Service.\n Workaround :\n\n There is no known workaround at this time.", "published": "2013-10-27T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=70647", "cvelist": ["CVE-2011-3937", "CVE-2011-3936", "CVE-2011-3952", "CVE-2011-3940", "CVE-2011-3947", "CVE-2011-1931", "CVE-2009-4637", "CVE-2012-2773", "CVE-2012-2781", "CVE-2012-2778", "CVE-2009-4638", "CVE-2013-3673", "CVE-2010-3429", "CVE-2013-3674", "CVE-2011-3950", "CVE-2009-4639", "CVE-2009-4633", "CVE-2012-2789", "CVE-2013-3675", "CVE-2009-4635", "CVE-2012-2802", "CVE-2012-2805", "CVE-2012-2797", "CVE-2011-3951", "CVE-2012-2793", "CVE-2010-4704", "CVE-2012-2779", "CVE-2012-2771", "CVE-2012-2782", "CVE-2013-3672", "CVE-2012-2800", "CVE-2011-3934", "CVE-2012-2792", "CVE-2009-4634", "CVE-2012-2772", "CVE-2012-2788", "CVE-2011-3944", "CVE-2011-3893", "CVE-2011-3941", "CVE-2012-2786", "CVE-2011-4351", "CVE-2013-3670", "CVE-2012-2777", "CVE-2009-4631", "CVE-2012-2775", "CVE-2012-2790", "CVE-2011-3973", "CVE-2012-2803", "CVE-2009-4640", "CVE-2011-3929", "CVE-2012-2795", "CVE-2011-4364", "CVE-2012-2784", "CVE-2009-4632", "CVE-2011-3895", "CVE-2012-2801", "CVE-2010-4705", "CVE-2011-4353", "CVE-2011-3945", "CVE-2011-3974", "CVE-2011-3935", "CVE-2011-3362", "CVE-2012-2783", "CVE-2012-2774", "CVE-2012-2785", "CVE-2012-2787", "CVE-2012-2796", "CVE-2012-0947", "CVE-2012-2780", "CVE-2009-4636", "CVE-2012-2794", "CVE-2012-2804", "CVE-2012-2776", "CVE-2011-4352", "CVE-2012-2791", "CVE-2013-3671", "CVE-2011-3949", "CVE-2010-3908", "CVE-2012-2799", "CVE-2012-2798", "CVE-2011-3946"], "lastseen": "2018-01-27T03:13:28"}], "debian": [{"id": "DSA-2000", "type": "debian", "title": "ffmpeg-debian -- several vulnerabilities", "description": "Several vulnerabilities have been discovered in ffmpeg, a multimedia player, server and encoder, which also provides a range of multimedia libraries used in applications like MPlayer:\n\nVarious programming errors in container and codec implementations may lead to denial of service or the execution of arbitrary code if the user is tricked into opening a malformed media file or stream.\n\nThe implementations of the following affected codecs and container formats have been updated:\n\n * the Vorbis audio codec\n * the Ogg container implementation\n * the FF Video 1 codec\n * the MPEG audio codec\n * the H264 video codec\n * the MOV container implementation\n * the Oggedc container implementation\n\nFor the stable distribution (lenny), these problems have been fixed in version 0.svn20080206-18+lenny1.\n\nFor the unstable distribution (sid), these problems have been fixed in version 4:0.5+svn20090706-5.\n\nWe recommend that you upgrade your ffmpeg packages.", "published": "2010-02-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.debian.org/security/dsa-2000", "cvelist": ["CVE-2009-4637", "CVE-2009-4638", "CVE-2009-4633", "CVE-2009-4635", "CVE-2009-4634", "CVE-2009-4631", "CVE-2009-4640", "CVE-2009-4632", "CVE-2009-4636"], "lastseen": "2016-09-02T18:28:10"}], "openvas": [{"id": "OPENVAS:66953", "type": "openvas", "title": "Debian Security Advisory DSA 2000-1 (ffmpeg-debian)", "description": "The remote host is missing an update to ffmpeg-debian\nannounced via advisory DSA 2000-1.", "published": "2010-02-25T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=66953", "cvelist": ["CVE-2009-4637", "CVE-2009-4638", "CVE-2009-4633", "CVE-2009-4635", "CVE-2009-4634", "CVE-2009-4631", "CVE-2009-4640", "CVE-2009-4632", "CVE-2009-4636"], "lastseen": "2017-07-24T12:49:26"}, {"id": "OPENVAS:840423", "type": "openvas", "title": "Ubuntu Update for ffmpeg, ffmpeg-debian vulnerabilities USN-931-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-931-1", "published": "2010-04-29T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=840423", "cvelist": ["CVE-2009-4637", "CVE-2009-4639", "CVE-2009-4633", "CVE-2009-4635", "CVE-2009-4634", "CVE-2009-4640", "CVE-2009-4632"], "lastseen": "2017-12-04T11:18:20"}, {"id": "OPENVAS:831391", "type": "openvas", "title": "Mandriva Update for mplayer MDVSA-2011:088 (mplayer)", "description": "Check for the Version of mplayer", "published": "2011-05-17T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=831391", "cvelist": ["CVE-2010-3429", "CVE-2009-4639", "CVE-2009-4633", "CVE-2009-4635", "CVE-2010-4704", "CVE-2009-4634", "CVE-2009-4640", "CVE-2009-4632", "CVE-2009-4636"], "lastseen": "2017-10-30T10:54:26"}, {"id": "OPENVAS:1361412562310840423", "type": "openvas", "title": "Ubuntu Update for ffmpeg, ffmpeg-debian vulnerabilities USN-931-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-931-1", "published": "2010-04-29T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840423", "cvelist": ["CVE-2009-4637", "CVE-2009-4639", "CVE-2009-4633", "CVE-2009-4635", "CVE-2009-4634", "CVE-2009-4640", "CVE-2009-4632"], "lastseen": "2018-01-25T10:55:35"}, {"id": "OPENVAS:136141256231066953", "type": "openvas", "title": "Debian Security Advisory DSA 2000-1 (ffmpeg-debian)", "description": "The remote host is missing an update to ffmpeg-debian\nannounced via advisory DSA 2000-1.", "published": "2010-02-25T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066953", "cvelist": ["CVE-2009-4637", "CVE-2009-4638", "CVE-2009-4633", "CVE-2009-4635", "CVE-2009-4634", "CVE-2009-4631", "CVE-2009-4640", "CVE-2009-4632", "CVE-2009-4636"], "lastseen": "2018-01-06T13:05:16"}, {"id": "OPENVAS:1361412562310831358", "type": "openvas", "title": "Mandriva Update for ffmpeg MDVSA-2011:060 (ffmpeg)", "description": "Check for the Version of ffmpeg", "published": "2011-04-06T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831358", "cvelist": ["CVE-2010-3429", "CVE-2009-4639", "CVE-2009-4633", "CVE-2009-4635", "CVE-2010-4704", "CVE-2009-4634", "CVE-2009-4640", "CVE-2009-4632"], "lastseen": "2018-04-09T11:37:25"}, {"id": "OPENVAS:831358", "type": "openvas", "title": "Mandriva Update for ffmpeg MDVSA-2011:060 (ffmpeg)", "description": "Check for the Version of ffmpeg", "published": "2011-04-06T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=831358", "cvelist": ["CVE-2010-3429", "CVE-2009-4639", "CVE-2009-4633", "CVE-2009-4635", "CVE-2010-4704", "CVE-2009-4634", "CVE-2009-4640", "CVE-2009-4632"], "lastseen": "2017-10-30T10:54:27"}, {"id": "OPENVAS:1361412562310831391", "type": "openvas", "title": "Mandriva Update for mplayer MDVSA-2011:088 (mplayer)", "description": "Check for the Version of mplayer", "published": "2011-05-17T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831391", "cvelist": ["CVE-2010-3429", "CVE-2009-4639", "CVE-2009-4633", "CVE-2009-4635", "CVE-2010-4704", "CVE-2009-4634", "CVE-2009-4640", "CVE-2009-4632", "CVE-2009-4636"], "lastseen": "2018-04-09T11:37:21"}, {"id": "OPENVAS:831359", "type": "openvas", "title": "Mandriva Update for ffmpeg MDVSA-2011:061 (ffmpeg)", "description": "Check for the Version of ffmpeg", "published": "2011-04-06T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=831359", "cvelist": ["CVE-2011-0723", "CVE-2011-0480", "CVE-2010-3429", "CVE-2009-4639", "CVE-2009-4633", "CVE-2009-4635", "CVE-2010-4704", "CVE-2009-4634", "CVE-2009-4640", "CVE-2009-4632", "CVE-2011-0722", "CVE-2009-4636", "CVE-2010-3908"], "lastseen": "2017-07-24T12:55:57"}, {"id": "OPENVAS:831427", "type": "openvas", "title": "Mandriva Update for blender MDVSA-2011:114 (blender)", "description": "Check for the Version of blender", "published": "2011-07-22T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=831427", "cvelist": ["CVE-2011-0723", "CVE-2010-3429", "CVE-2009-4633", "CVE-2009-4635", "CVE-2010-4704", "CVE-2009-4634", "CVE-2009-4640", "CVE-2009-4632", "CVE-2011-0722", "CVE-2009-4636"], "lastseen": "2017-07-24T12:55:38"}], "ubuntu": [{"id": "USN-931-1", "type": "ubuntu", "title": "FFmpeg vulnerabilities", "description": "It was discovered that FFmpeg contained multiple security issues when handling certain multimedia files. If a user were tricked into opening a crafted multimedia file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.", "published": "2010-04-19T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/931-1/", "cvelist": ["CVE-2009-4637", "CVE-2009-4639", "CVE-2009-4633", "CVE-2009-4635", "CVE-2009-4634", "CVE-2009-4640", "CVE-2009-4632"], "lastseen": "2018-03-29T18:17:25"}], "seebug": [{"id": "SSV:19159", "type": "seebug", "title": "FFmpeg\u591a\u4e2a\u5a92\u4f53\u6587\u4ef6\u89e3\u6790\u62d2\u7edd\u670d\u52a1\u548c\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e", "description": "BUGTRAQ ID: 36465\r\nCVE ID: CVE-2009-4631,CVE-2009-4632,CVE-2009-4633,CVE-2009-4634,CVE-2009-4635,CVE-2009-4636,CVE-2009-4637,CVE-2009-4638,CVE-2009-4639,CVE-2009-4640\r\n\r\nFFmpeg\u662f\u4e00\u5957\u5bf9\u97f3\u9891\u548c\u89c6\u9891\u8fdb\u884c\u89e3\u7801\u5f55\u5236\u8f6c\u6362\u7684\u5b8c\u6574\u65b9\u6848\u3002\r\n\r\nffmpeg\u89e3\u6790\u5404\u79cd\u5a92\u4f53\u6587\u4ef6\u65f6\u5b58\u5728\u591a\u4e2a\u7a7a\u6307\u9488\u5f15\u7528\u3001\u5185\u5b58\u8d8a\u754c\u6216\u6b7b\u5faa\u73af\u7b49\u6f0f\u6d1e\uff0c\u53ef\u80fd\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\r\n1) \u89e3\u6790AVI\u3001.ogv\u548c.wmv\u6587\u4ef6\u65f6\u7684\u7a7a\u6307\u9488\u5f15\u7528\u548c0\u9664\u6570\u9519\u8bef\u53ef\u80fd\u5bfc\u81f4\u5d29\u6e83\u3002\r\n\r\n2) \u5904\u7406.ogv\u6587\u4ef6\u548cmjpg\u7f16\u7801AVI\u6587\u4ef6\u65f6\u7684\u9519\u8bef\u53ef\u80fd\u5bfc\u81f4\u5f15\u7528\u65e0\u6548\u7684\u5185\u5b58\u3002\r\n\r\n3) \u5904\u7406iv32\u7f16\u7801\u7684AVI\u6587\u4ef6\u548c.mp4\u6587\u4ef6\u65f6\u7684\u5806\u5185\u5b58\u7834\u574f\u53ef\u80fd\u5bfc\u81f4\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\r\n4) \u5904\u7406.ogv\u6587\u4ef6\u65f6\u7684\u9519\u8bef\u53ef\u80fd\u89e6\u53d1\u6b7b\u5faa\u73af\u3002\r\n\r\n5) \u5904\u7406h264\u7f16\u7801\u7684AVI\u6587\u4ef6\u65f6\u7684\u9519\u8bef\u53ef\u80fd\u89e6\u53d1\u6d6e\u70b9\u5f02\u5e38\u3002\r\n\r\n6) \u89e3\u6790MOV\u539f\u5b50\u53ef\u80fd\u89e6\u53d1\u7a7a\u6307\u9488\u5f15\u7528\u3002\r\n\r\n7) AAC\u7f16\u7801\u89e3\u7801\u5668\u4e2d\u7684\u9519\u8bef\u53ef\u80fd\u89e6\u53d1\u8d8a\u754c\u8bfb\u53d6\u3002\r\n\r\n8) mov_read_dref()\u51fd\u6570\u5728\u89e3\u6790.mp4\u6587\u4ef6\u53ef\u80fd\u5bfc\u81f4\u6302\u8d77\u3002\r\n\r\n9) \u5904\u7406.ogv\u6587\u4ef6\u65f6\u7684\u5185\u5b58\u7834\u574f\u53ef\u80fd\u5bfc\u81f4\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\n\nFFmpeg 0.5\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nFFmpeg\r\n------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://src.chromium.org/viewvc/chrome/trunk/deps/third_party/ffmpeg/?view=log", "published": "2010-02-20T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.seebug.org/vuldb/ssvid-19159", "cvelist": ["CVE-2009-4631", "CVE-2009-4632", "CVE-2009-4633", "CVE-2009-4634", "CVE-2009-4635", "CVE-2009-4636", "CVE-2009-4637", "CVE-2009-4638", "CVE-2009-4639", "CVE-2009-4640"], "lastseen": "2017-11-19T18:14:10"}], "gentoo": [{"id": "GLSA-201310-12", "type": "gentoo", "title": "FFmpeg: Multiple vulnerabilities", "description": "### Background\n\nFFmpeg is a complete solution to record, convert and stream audio and video. \n\n### Description\n\nMultiple vulnerabilities have been discovered in FFmpeg. Please review the CVE identifiers and FFmpeg changelogs referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted media file, possibly leading to the execution of arbitrary code with the privileges of the user running the application or a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll FFmpeg users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-video/ffmpeg-1.0.7\"", "published": "2013-10-25T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://security.gentoo.org/glsa/201310-12", "cvelist": ["CVE-2011-3937", "CVE-2011-3936", "CVE-2011-3952", "CVE-2011-3940", "CVE-2011-3947", "CVE-2011-1931", "CVE-2009-4637", "CVE-2012-2773", "CVE-2012-2781", "CVE-2012-2778", "CVE-2009-4638", "CVE-2013-3673", "CVE-2010-3429", "CVE-2013-3674", "CVE-2011-3950", "CVE-2009-4639", "CVE-2009-4633", "CVE-2012-2789", "CVE-2013-3675", "CVE-2009-4635", "CVE-2012-2802", "CVE-2012-2805", "CVE-2012-2797", "CVE-2011-3951", "CVE-2012-2793", "CVE-2010-4704", "CVE-2012-2779", "CVE-2012-2771", "CVE-2012-2782", "CVE-2013-3672", "CVE-2012-2800", "CVE-2011-3934", "CVE-2012-2792", "CVE-2009-4634", "CVE-2012-2772", "CVE-2012-2788", "CVE-2011-3944", "CVE-2011-3893", "CVE-2011-3941", "CVE-2012-2786", "CVE-2011-4351", "CVE-2013-3670", "CVE-2012-2777", "CVE-2009-4631", "CVE-2012-2775", "CVE-2012-2790", "CVE-2011-3973", "CVE-2012-2803", "CVE-2009-4640", "CVE-2011-3929", "CVE-2012-2795", "CVE-2011-4364", "CVE-2012-2784", "CVE-2009-4632", "CVE-2011-3895", "CVE-2012-2801", "CVE-2010-4705", "CVE-2011-4353", "CVE-2011-3945", "CVE-2011-3974", "CVE-2011-3935", "CVE-2011-3362", "CVE-2012-2783", "CVE-2012-2774", "CVE-2012-2785", "CVE-2012-2787", "CVE-2012-2796", "CVE-2012-0947", "CVE-2012-2780", "CVE-2009-4636", "CVE-2012-2794", "CVE-2012-2804", "CVE-2012-2776", "CVE-2011-4352", "CVE-2012-2791", "CVE-2013-3671", "CVE-2011-3949", "CVE-2010-3908", "CVE-2012-2799", "CVE-2012-2798", "CVE-2011-3946"], "lastseen": "2016-09-06T19:46:42"}]}}
