CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
87.1%
Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | ffmpeg | < 0.cvs20050918-5.1 | ffmpeg_0.cvs20050918-5.1_all.deb |
Debian | 11 | all | ffmpeg | < 0.cvs20050918-5.1 | ffmpeg_0.cvs20050918-5.1_all.deb |
Debian | 999 | all | ffmpeg | < 0.cvs20050918-5.1 | ffmpeg_0.cvs20050918-5.1_all.deb |
Debian | 13 | all | ffmpeg | < 0.cvs20050918-5.1 | ffmpeg_0.cvs20050918-5.1_all.deb |
Debian | 12 | all | mplayer | < 2:1.5+svn38408-1 | mplayer_2:1.5+svn38408-1_all.deb |
Debian | 11 | all | mplayer | < 2:1.4+ds1-1+deb11u1 | mplayer_2:1.4+ds1-1+deb11u1_all.deb |
Debian | 999 | all | mplayer | < 2:1.5+svn38542-1 | mplayer_2:1.5+svn38542-1_all.deb |
Debian | 12 | all | vlc | < 0.8.4.debian-2 | vlc_0.8.4.debian-2_all.deb |
Debian | 11 | all | vlc | < 0.8.4.debian-2 | vlc_0.8.4.debian-2_all.deb |
Debian | 999 | all | vlc | < 0.8.4.debian-2 | vlc_0.8.4.debian-2_all.deb |