CVSS: 9.8EPSS: 7%CPEs: 4EXPL: 0CVE-2006-4800
https://notcve.org/view.php?id=CVE-2006-4800
14 Sep 2006 — Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802. Múltiples desbordamientos de buffer en liba... • http://bugs.gentoo.org/show_bug.cgi?id=133520 •
CVSS: 9.8EPSS: 2%CPEs: 5EXPL: 0CVE-2005-4048
https://notcve.org/view.php?id=CVE-2005-4048
07 Dec 2005 — Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes. • http://article.gmane.org/gmane.comp.video.ffmpeg.devel/26558 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •