Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | ffmpeg | < 0.cvs20050918-5.1 | ffmpeg_0.cvs20050918-5.1_all.deb |
Debian | 11 | all | ffmpeg | < 0.cvs20050918-5.1 | ffmpeg_0.cvs20050918-5.1_all.deb |
Debian | 10 | all | ffmpeg | < 0.cvs20050918-5.1 | ffmpeg_0.cvs20050918-5.1_all.deb |
Debian | 999 | all | ffmpeg | < 0.cvs20050918-5.1 | ffmpeg_0.cvs20050918-5.1_all.deb |
Debian | 13 | all | ffmpeg | < 0.cvs20050918-5.1 | ffmpeg_0.cvs20050918-5.1_all.deb |
Debian | 12 | all | mplayer | < 2:1.5+svn38408-1 | mplayer_2:1.5+svn38408-1_all.deb |
Debian | 11 | all | mplayer | < 2:1.4+ds1-1+deb11u1 | mplayer_2:1.4+ds1-1+deb11u1_all.deb |
Debian | 10 | all | mplayer | < 2:1.3.0-8 | mplayer_2:1.3.0-8_all.deb |
Debian | 999 | all | mplayer | < 2:1.5+svn38446-2 | mplayer_2:1.5+svn38446-2_all.deb |
Debian | 13 | all | mplayer | < 2:1.5+svn38446-2 | mplayer_2:1.5+svn38446-2_all.deb |