Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.
bugs.gentoo.org/show_bug.cgi?id=133520
secunia.com/advisories/21921
secunia.com/advisories/22180
secunia.com/advisories/22181
secunia.com/advisories/22182
secunia.com/advisories/22198
secunia.com/advisories/22200
secunia.com/advisories/22201
secunia.com/advisories/22202
secunia.com/advisories/22203
secunia.com/advisories/22230
secunia.com/advisories/23010
secunia.com/advisories/23213
security.gentoo.org/glsa/glsa-200609-09.xml
www.mandriva.com/security/advisories?name=MDKSA-2006:173
www.mandriva.com/security/advisories?name=MDKSA-2006:174
www.mandriva.com/security/advisories?name=MDKSA-2006:175
www.mandriva.com/security/advisories?name=MDKSA-2006:176
www.novell.com/linux/security/advisories/2006_73_mono.html
www.securityfocus.com/bid/20009
www.ubuntu.com/usn/usn-358-1
www.us.debian.org/security/2006/dsa-1215