CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
96.3%
Added: 03/25/2009
CVE: CVE-2008-5381
BID: 32438
OSVDB: 50064
ffdshow tryouts (also known just as ffdshow) is an audio and video decoder for Windows.
A buffer overflow vulnerability allows command execution when a user opens a media stream with a long, specially crafted URL link.
Upgrade to the latest version of ffdshow.
<http://archives.neohapsis.com/archives/bugtraq/2008-11/0182.html>
Exploit works on ffdshow rev2322 and requires a user to load the exploit page in a web browser.
Windows