9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.495 Medium
EPSS
Percentile
97.5%
Secunia reports:
Tobias Klein has reported a vulnerability in FFmpeg, which
potentially can be exploited by malicious people to compromise an
application using the library.
The vulnerability is caused due to a signedness error within the
βfourxm_read_header()β function in libavformat/4xm.c. This can be
exploited to corrupt arbitrary memory via a specially crafted 4xm
file.