CVE-2009-4632

Published: Feb 10, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

MDVSA-2011:088

vendor-advisory

x_refsource_MANDRIVA

36805

third-party-advisory

x_refsource_SECUNIA

36465

vdb-entry

x_refsource_BID

39482

third-party-advisory

x_refsource_SECUNIA

https://roundup.ffmpeg.org/roundup/ffmpeg/issue1240

x_refsource_MISC

MDVSA-2011:061

vendor-advisory

x_refsource_MANDRIVA

MDVSA-2011:112

vendor-advisory

x_refsource_MANDRIVA

MDVSA-2011:114

vendor-advisory

x_refsource_MANDRIVA

http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html

x_refsource_MISC

38643

third-party-advisory

x_refsource_SECUNIA

ADV-2011-1241

vdb-entry

x_refsource_VUPEN

MDVSA-2011:060

vendor-advisory

x_refsource_MANDRIVA

DSA-2000

vendor-advisory

x_refsource_DEBIAN

USN-931-1

vendor-advisory

x_refsource_UBUNTU

ADV-2010-0935

vdb-entry

x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2009-4632

Description

Affected Products

References