Lucene search
Gentoo FoundationGLSA-200609-09HistorySep 13, 2006 - 12:00 a.m.
FFmpeg: Buffer overflows
2006-09-1300:00:00
Gentoo Foundation
security.gentoo.org
14
0.072 Low
EPSS
Percentile
94.0%
Background
FFmpeg is a very fast video and audio converter.
Description
FFmpeg contains buffer overflows in the AVI processing code.
Impact
An attacker could trigger the buffer overflows by enticing a user to load a specially crafted AVI file in an application using the FFmpeg library. This might result in the execution of arbitrary code in the context of the running application.
Workaround
There is no known workaround at this time.
Resolution
All FFmpeg users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-video/ffmpeg-0.4.9_p20060530"
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Gentoo | any | all | media-video/ffmpeg | < 0.4.9_p20060530 | UNKNOWN |
Related
osv
osv
xine-lib
2006-11-20 00:00:00
nessus
nessus
openSUSE 10 Security Update : xine-lib (xine-lib-2308)
2007-10-17 00:00:00
GLSA-200609-09 : FFmpeg: Buffer overflows
2006-09-15 00:00:00
Ubuntu 5.04 / 5.10 / 6.06 LTS : ffmpeg, xine-lib vulnerabilities (USN-358-1)
2007-11-10 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200609-09 (ffmpeg)
2008-09-24 00:00:00
Debian: Security Advisory (DSA-1215)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200609-09 (ffmpeg)
2008-09-24 00:00:00
debian
debian
ubuntu
ubuntu
ffmpeg, xine-lib vulnerabilities
2006-10-05 00:00:00
suse
suse
local privilege escalation in mono-core
2006-12-01 17:34:31
cvelist
cvelist
CVE-2006-4799
2006-09-14 21:00:00
CVE-2006-4800
2006-09-14 22:00:00
cve
cve
CVE-2006-4799
2006-09-14 21:07:00
CVE-2006-4800
2006-09-14 22:07:00
ubuntucve
ubuntucve
CVE-2006-4799
2006-09-14 00:00:00
CVE-2006-4800
2006-09-14 00:00:00
debiancve
debiancve
CVE-2006-4800
2006-09-14 22:07:00