CVE-2005-4048
published 2005-12-07CVE-2005-4048: Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1)…
PriorityP340high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
5.21%
91.5th percentile
Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes.
Affected
30 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | ffmpeg | < ffmpeg 0.cvs20060329-1 (bookworm) | ffmpeg 0.cvs20060329-1 (bookworm) |
| debian | ffmpeg | < ffmpeg 0.cvs20050918-5.1 (bookworm) | ffmpeg 0.cvs20050918-5.1 (bookworm) |
| debian | mplayer | < ffmpeg 0.cvs20060329-1 (bookworm) | ffmpeg 0.cvs20060329-1 (bookworm) |
| debian | mplayer | < ffmpeg 0.cvs20050918-5.1 (bookworm) | ffmpeg 0.cvs20050918-5.1 (bookworm) |
| debian | vlc | < ffmpeg 0.cvs20050918-5.1 (bookworm) | ffmpeg 0.cvs20050918-5.1 (bookworm) |
| ffmpeg | ffmpeg | — | — |
| ffmpeg | ffmpeg | — | — |
| ffmpeg | ffmpeg | — | — |
| ffmpeg | ffmpeg | — | — |
| ffmpeg | ffmpeg | — | — |
| ffmpeg | ffmpeg | >= 0 < 0.cvs20060329-1 | 0.cvs20060329-1 |
| ffmpeg | ffmpeg | >= 0 < 0.cvs20050918-5.1 | 0.cvs20050918-5.1 |
| ffmpeg | ffmpeg | >= 0 < 0.cvs20060329-1 | 0.cvs20060329-1 |
| ffmpeg | ffmpeg | >= 0 < 0.cvs20050918-5.1 | 0.cvs20050918-5.1 |
| ffmpeg | ffmpeg | >= 0 < 0.cvs20060329-1 | 0.cvs20060329-1 |
| ffmpeg | ffmpeg | >= 0 < 0.cvs20050918-5.1 | 0.cvs20050918-5.1 |
| ffmpeg | ffmpeg | >= 0 < 0.cvs20060329-1 | 0.cvs20060329-1 |
| ffmpeg | ffmpeg | >= 0 < 0.cvs20050918-5.1 | 0.cvs20050918-5.1 |
| mplayer | mplayer | >= 0 < 1.0~rc1-1 | 1.0~rc1-1 |
| mplayer | mplayer | >= 0 < 1.0~rc1-1 | 1.0~rc1-1 |
| mplayer | mplayer | >= 0 < 1.0~rc1-1 | 1.0~rc1-1 |
| mplayer | mplayer | >= 0 < 1.0~rc1-1 | 1.0~rc1-1 |
| videolan | vlc_media_player | >= 0 < 0.8.4.debian-2 | 0.8.4.debian-2 |
| videolan | vlc_media_player | >= 0 < 0.8.4.debian-2 | 0.8.4.debian-2 |
| videolan | vlc_media_player | >= 0 < 0.8.4.debian-2 | 0.8.4.debian-2 |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-7hpv-pj9m-wmwr: Buffer overflow in ffmpeg for xine-lib before 1
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2006-4799 [HIGH] GHSA-7hpv-pj9m-wmwr: Buffer overflow in ffmpeg for xine-lib before 1
Buffer overflow in ffmpeg for xine-lib before 1.1.2 might allow context-dependent attackers to execute arbitrary code via a crafted AVI file and "bad indexes", a different vulnerability than CVE-2005-4048 and CVE-2006-2802.
GHSA
GHSA-4qm4-cvh9-rfwh: Multiple buffer overflows in libavcodec in ffmpeg before 0
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2006-4800 [HIGH] GHSA-4qm4-cvh9-rfwh: Multiple buffer overflows in libavcodec in ffmpeg before 0
Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.
GHSA
GHSA-f7pg-m34f-mphj: Heap-based buffer overflow in the avcodec_default_get_buffer function (utils
ghsa_unreviewed·2022-05-01
CVE-2005-4048 [HIGH] CWE-119 GHSA-f7pg-m34f-mphj: Heap-based buffer overflow in the avcodec_default_get_buffer function (utils
Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes.
OSV
CVE-2006-4800: Multiple buffer overflows in libavcodec in ffmpeg before 0
osv·2006-09-14·CVSS 7.5
CVE-2006-4800 [HIGH] CVE-2006-4800: Multiple buffer overflows in libavcodec in ffmpeg before 0
Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.
OSV
CVE-2005-4048: Heap-based buffer overflow in the avcodec_default_get_buffer function (utils
osv·2005-12-07·CVSS 7.5
CVE-2005-4048 [HIGH] CVE-2005-4048: Heap-based buffer overflow in the avcodec_default_get_buffer function (utils
Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes.
Debian
CVE-2006-4800: ffmpeg - Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow r...
vendor_debian·2006·CVSS 7.5
CVE-2006-4800 [HIGH] CVE-2006-4800: ffmpeg - Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow r...
Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.
Scope: local
bookworm: resolved (fixed in 0.cvs20060329-1)
bullseye: resolved (fixed in 0.cvs20060329-1)
forky: resolved (fixed in 0.cvs20060329-1)
sid: resolved (fixed in 0.cvs20060329-1)
trixie: resolved (fixed in 0.cvs20060329-1)
Ubuntu
ffmpeg/xine-lib vulnerability
vendor_ubuntu·2005-12-16
CVE-2005-4048 ffmpeg/xine-lib vulnerability
Title: ffmpeg/xine-lib vulnerability
Summary: ffmpeg/xine-lib vulnerability
USN-230-1 fixed a vulnerability in the ffmpeg library. The Xine
library contains a copy of the ffmpeg code, thus it is vulnerable to
the same flaw.
For reference, this is the original advisory:
Simon Kilvington discovered a buffer overflow in the
avcodec_default_get_buffer() function of the ffmpeg library. By
tricking an user into opening a malicious movie which contains
specially crafted PNG images, this could be exploited to execute
arbitrary code with the user's privileges.
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
ffmpeg vulnerability
vendor_ubuntu·2005-12-15
CVE-2005-4048 ffmpeg vulnerability
Title: ffmpeg vulnerability
Summary: ffmpeg vulnerability
Simon Kilvington discovered a buffer overflow in the
avcodec_default_get_buffer() function of the ffmpeg library. By
tricking an user into opening a malicious movie which contains
specially crafted PNG images, this could be exploited to execute
arbitrary code with the user's privileges.
Instructions: In general, a standard system update will make all the necessary changes.
Debian
CVE-2005-4048: ffmpeg - Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) ...
vendor_debian·2005·CVSS 7.5
CVE-2005-4048 [HIGH] CVE-2005-4048: ffmpeg - Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) ...
Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes.
Scope: local
bookworm: resolved (fixed in 0.cvs20050918-5.1)
bullseye: resolved (fixed in 0.cvs20050918-5.1)
forky: resolved (fixed in 0.cvs20050918-5.1)
sid: resolved (fixed in 0.cvs20050918-5.1)
trixie: resolved (fixed in 0.cvs20050918-5.1)
No detection rules found.
No public exploits indexed.
http://article.gmane.org/gmane.comp.video.ffmpeg.devel/26558http://cvs.freedesktop.org/gstreamer/gst-ffmpeg/ChangeLog?rev=1.239&view=markuphttp://secunia.com/advisories/17892http://secunia.com/advisories/18066http://secunia.com/advisories/18087http://secunia.com/advisories/18107http://secunia.com/advisories/18400http://secunia.com/advisories/18739http://secunia.com/advisories/18746http://secunia.com/advisories/19114http://secunia.com/advisories/19192http://secunia.com/advisories/19272http://secunia.com/advisories/19279http://www.debian.org/security/2006/dsa-1004http://www.debian.org/security/2006/dsa-1005http://www.gentoo.org/security/en/glsa/glsa-200601-06.xmlhttp://www.gentoo.org/security/en/glsa/glsa-200602-01.xmlhttp://www.gentoo.org/security/en/glsa/glsa-200603-03.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:228http://www.mandriva.com/security/advisories?name=MDKSA-2005:229http://www.mandriva.com/security/advisories?name=MDKSA-2005:230http://www.mandriva.com/security/advisories?name=MDKSA-2005:231http://www.mandriva.com/security/advisories?name=MDKSA-2005:232http://www.securityfocus.com/bid/15743http://www.us.debian.org/security/2006/dsa-992http://www.vupen.com/english/advisories/2005/2770http://www1.mplayerhq.hu/cgi-bin/cvsweb.cgi/ffmpeg/libavcodec/utils.c.diff?r1=1.161&r2=1.162&cvsroot=FFMpeghttp://www1.mplayerhq.hu/cgi-bin/cvsweb.cgi/ffmpeg/libavcodec/utils.c?rev=1.162&content-type=text/x-cvsweb-markup&cvsroot=FFMpeghttps://usn.ubuntu.com/230-1/https://usn.ubuntu.com/230-2/http://article.gmane.org/gmane.comp.video.ffmpeg.devel/26558http://cvs.freedesktop.org/gstreamer/gst-ffmpeg/ChangeLog?rev=1.239&view=markuphttp://secunia.com/advisories/17892http://secunia.com/advisories/18066http://secunia.com/advisories/18087http://secunia.com/advisories/18107http://secunia.com/advisories/18400http://secunia.com/advisories/18739http://secunia.com/advisories/18746http://secunia.com/advisories/19114http://secunia.com/advisories/19192http://secunia.com/advisories/19272http://secunia.com/advisories/19279http://www.debian.org/security/2006/dsa-1004http://www.debian.org/security/2006/dsa-1005http://www.gentoo.org/security/en/glsa/glsa-200601-06.xmlhttp://www.gentoo.org/security/en/glsa/glsa-200602-01.xmlhttp://www.gentoo.org/security/en/glsa/glsa-200603-03.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:228http://www.mandriva.com/security/advisories?name=MDKSA-2005:229http://www.mandriva.com/security/advisories?name=MDKSA-2005:230http://www.mandriva.com/security/advisories?name=MDKSA-2005:231http://www.mandriva.com/security/advisories?name=MDKSA-2005:232http://www.securityfocus.com/bid/15743http://www.us.debian.org/security/2006/dsa-992http://www.vupen.com/english/advisories/2005/2770http://www1.mplayerhq.hu/cgi-bin/cvsweb.cgi/ffmpeg/libavcodec/utils.c.diff?r1=1.161&r2=1.162&cvsroot=FFMpeghttp://www1.mplayerhq.hu/cgi-bin/cvsweb.cgi/ffmpeg/libavcodec/utils.c?rev=1.162&content-type=text/x-cvsweb-markup&cvsroot=FFMpeghttps://usn.ubuntu.com/230-1/https://usn.ubuntu.com/230-2/
2005-12-07
Published