cbcvebase.
CVE-2008-3162
published 2008-07-14

CVE-2008-3162: Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote attackers to cause a denial of…

PriorityP349critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
9.25%
94.7th percentile
Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted STR file that interleaves audio and video sectors.

Affected

19 ranges
VendorProductVersion rangeFixed in
debianffmpeg< ffmpeg 0.svn20080206-10 (bookworm)ffmpeg 0.svn20080206-10 (bookworm)
ffmpegffmpeg
ffmpegffmpeg
ffmpegffmpeg
ffmpegffmpeg
ffmpegffmpeg
ffmpegffmpeg
ffmpegffmpeg
ffmpegffmpeg
ffmpegffmpeg
ffmpegffmpeg
ffmpegffmpeg
ffmpegffmpeg
ffmpegffmpeg
ffmpegffmpeg
ffmpegffmpeg>= 0 < 0.svn20080206-100.svn20080206-10
ffmpegffmpeg>= 0 < 0.svn20080206-100.svn20080206-10
ffmpegffmpeg>= 0 < 0.svn20080206-100.svn20080206-10
ffmpegffmpeg>= 0 < 0.svn20080206-100.svn20080206-10

CVSS provenance

nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv9.3CRITICAL
vendor_debian9.3CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.