CVE-2006-4800
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
96.5%
Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.
Affected configurations
References
bugs.gentoo.org/show_bug.cgi?id=133520
secunia.com/advisories/21921
secunia.com/advisories/22180
secunia.com/advisories/22181
secunia.com/advisories/22182
secunia.com/advisories/22198
secunia.com/advisories/22200
secunia.com/advisories/22201
secunia.com/advisories/22202
secunia.com/advisories/22203
secunia.com/advisories/22230
secunia.com/advisories/23010
secunia.com/advisories/23213
security.gentoo.org/glsa/glsa-200609-09.xml
www.mandriva.com/security/advisories?name=MDKSA-2006:173
www.mandriva.com/security/advisories?name=MDKSA-2006:174
www.mandriva.com/security/advisories?name=MDKSA-2006:175
www.mandriva.com/security/advisories?name=MDKSA-2006:176
www.novell.com/linux/security/advisories/2006_73_mono.html
www.securityfocus.com/bid/20009
www.ubuntu.com/usn/usn-358-1
www.us.debian.org/security/2006/dsa-1215
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
96.5%