Lucene search

[email protected]CVE-2009-4637

HistoryFeb 10, 2010 - 2:30 a.m.

CVE-2009-4637

2010-02-1002:30:00

CWE-119

[email protected]

web.nvd.nist.gov

ffmpeg

cve-2009-4637

denial of service

remote attack

arbitrary code execution

buffer overflow

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.5 High

AI Score

Confidence

High

0.166 Low

EPSS

Percentile

96.1%

JSON

FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a stack-based buffer overflow.

Affected configurations

NVD

Node

ffmpegffmpegMatch0.5

CPENameOperatorVersion
ffmpeg:ffmpegffmpegeq0.5

CPE	Name	Operator	Version
ffmpeg:ffmpeg	ffmpeg	eq	0.5

References

scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html

secunia.com/advisories/36805

secunia.com/advisories/38643

secunia.com/advisories/39482

www.debian.org/security/2010/dsa-2000

www.securityfocus.com/bid/36465

www.ubuntu.com/usn/USN-931-1

www.vupen.com/english/advisories/2010/0935

roundup.ffmpeg.org/roundup/ffmpeg/issue1240

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.5 High

AI Score

Confidence

High

0.166 Low

EPSS

Percentile

96.1%

JSON

Related for CVE-2009-4637

ubuntucve1 prion1 nvd1 cvelist1 debiancve1 ubuntu1 openvas7 nessus3 debian1 osv1 seebug1 gentoo1