CVE-2008-4868 — Ffmpeg vulnerability

4 documents4 sources

Severity

10.0CRITICALNVD

EPSS

0.7%

top 27.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mplayer Debian Ffmpeg Debian Mplayer +1 more

Timeline

PublishedNov 1

Latest updateMay 17

Description

Unspecified vulnerability in the avcodec_close function in libavcodec/utils.c in FFmpeg 0.4.9 before r14787, as used by MPlayer, has unknown impact and attack vectors, related to a free "on random pointers."

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages4 packages

▶debiandebian/ffmpeg< mplayer 1.0~rc2-14 (bookworm)

▶debiandebian/mplayer< mplayer 1.0~rc2-14 (bookworm)

▶Debianmplayer/mplayer< 1.0~rc2-14+3

▶NVDffmpeg/ffmpeg0.4.9+13

🔴Vulnerability Details

GHSA

GHSA-gr66-3j29-5vv2: Unspecified vulnerability in the avcodec_close function in libavcodec/utils↗2022-05-17

▶

OSV

CVE-2008-4868: Unspecified vulnerability in the avcodec_close function in libavcodec/utils↗2008-11-01

▶

📋Vendor Advisories

Debian

CVE-2008-4868: ffmpeg - Unspecified vulnerability in the avcodec_close function in libavcodec/utils.c in...↗2008

▶