Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2005-4048HistoryDec 07, 2005 - 11:03 a.m.
CVE-2005-4048
2005-12-0711:03:00
Debian Security Bug Tracker
security-tracker.debian.org
16
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.015
Percentile
87.1%
Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | ffmpeg | < 0.cvs20050918-5.1 | ffmpeg_0.cvs20050918-5.1_all.deb |
| Debian | 11 | all | ffmpeg | < 0.cvs20050918-5.1 | ffmpeg_0.cvs20050918-5.1_all.deb |
| Debian | 999 | all | ffmpeg | < 0.cvs20050918-5.1 | ffmpeg_0.cvs20050918-5.1_all.deb |
| Debian | 13 | all | ffmpeg | < 0.cvs20050918-5.1 | ffmpeg_0.cvs20050918-5.1_all.deb |
| Debian | 12 | all | mplayer | < 2:1.5+svn38408-1 | mplayer_2:1.5+svn38408-1_all.deb |
| Debian | 11 | all | mplayer | < 2:1.4+ds1-1+deb11u1 | mplayer_2:1.4+ds1-1+deb11u1_all.deb |
| Debian | 999 | all | mplayer | < 2:1.5+svn38542-1 | mplayer_2:1.5+svn38542-1_all.deb |
| Debian | 12 | all | vlc | < 0.8.4.debian-2 | vlc_0.8.4.debian-2_all.deb |
| Debian | 11 | all | vlc | < 0.8.4.debian-2 | vlc_0.8.4.debian-2_all.deb |
| Debian | 999 | all | vlc | < 0.8.4.debian-2 | vlc_0.8.4.debian-2_all.deb |
Related
debian
debian
[SECURITY] [DSA 1005-1] New xine-lib packages fix arbitrary code execution
2006-03-16 21:54:34
[SECURITY] [DSA 1005-1] New xine-lib packages fix arbitrary code execution
2006-03-16 21:54:34
[SECURITY] [DSA 1004-1] New vlc packages fix arbitrary code execution
2006-03-16 16:16:44
nessus
nessus
Mandrake Linux Security Advisory : mplayer (MDKSA-2005:230)
2006-01-15 00:00:00
GLSA-200602-01 : GStreamer FFmpeg plugin: Heap-based buffer overflow
2006-02-06 00:00:00
GLSA-200601-06 : xine-lib, FFmpeg: Heap-based buffer overflow
2006-01-15 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-992-1)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200601-06 (xine-lib ffmpeg)
2008-09-24 00:00:00
Debian Security Advisory DSA 1005-1 (xine-lib)
2008-01-17 00:00:00
cvelist
cvelist
securityvulns
securityvulns
nvd
nvd
gentoo
gentoo
xine-lib, FFmpeg: Heap-based buffer overflow
2006-01-10 00:00:00
GStreamer FFmpeg plugin: Heap-based buffer overflow
2006-02-05 00:00:00
MPlayer: Multiple integer overflows
2006-03-04 00:00:00
ubuntu
ubuntu
ffmpeg vulnerability
2005-12-15 00:00:00
ffmpeg/xine-lib vulnerability
2005-12-16 00:00:00
ubuntucve
ubuntucve
osv
osv
vlc - buffer overflow
2006-03-16 00:00:00
xine-lib - buffer overflow
2006-03-16 00:00:00
cve
cve
slackware
slackware
[slackware-security] xine-lib
2006-07-26 21:25:49
debiancve
debiancve
CVE-2006-4800
2006-09-14 22:07:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.015
Percentile
87.1%
Related for DEBIANCVE:CVE-2005-4048