Lucene search

[email protected]CVE-2009-4637

HistoryFeb 10, 2010 - 2:30 a.m.

CVE-2009-4637

2010-02-1002:30:00

CWE-119

[email protected]

web.nvd.nist.gov

ffmpeg

cve-2009-4637

denial of service

remote attack

arbitrary code execution

buffer overflow

nvd

9.5 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.166 Low

EPSS

Percentile

96.1%

JSON

FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a stack-based buffer overflow.

Affected configurations

NVD

Node

ffmpegffmpegMatch0.5

CPENameOperatorVersion
ffmpeg:ffmpegffmpegeq0.5

CPE	Name	Operator	Version
ffmpeg:ffmpeg	ffmpeg	eq	0.5

References

scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html

secunia.com/advisories/36805

secunia.com/advisories/38643

secunia.com/advisories/39482

www.debian.org/security/2010/dsa-2000

www.securityfocus.com/bid/36465

www.ubuntu.com/usn/USN-931-1

www.vupen.com/english/advisories/2010/0935

roundup.ffmpeg.org/roundup/ffmpeg/issue1240

9.5 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.166 Low

EPSS

Percentile

96.1%

JSON

Related for CVE-2009-4637

debiancve1 cvelist1 prion1 ubuntucve1 nvd1 openvas7 ubuntu1 nessus3 osv1 debian1 seebug1 gentoo1