cbcvebase.
CVE-2009-4637
published 2010-02-10

CVE-2009-4637: FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a stack-based…

PriorityP259critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
17.04%
96.7th percentile
FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a stack-based buffer overflow.

Affected

6 ranges
VendorProductVersion rangeFixed in
debianffmpeg< ffmpeg 4:0.5+svn20090706-3 (bookworm)ffmpeg 4:0.5+svn20090706-3 (bookworm)
ffmpegffmpeg
ffmpegffmpeg>= 0 < 4:0.5+svn20090706-34:0.5+svn20090706-3
ffmpegffmpeg>= 0 < 4:0.5+svn20090706-34:0.5+svn20090706-3
ffmpegffmpeg>= 0 < 4:0.5+svn20090706-34:0.5+svn20090706-3
ffmpegffmpeg>= 0 < 4:0.5+svn20090706-34:0.5+svn20090706-3

Detection & IOCsextracted from sources · hover to see the quote

urlhttps://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/33233-1.zip
urlhttps://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/33233-2.zip
  • Target application is FFmpeg version 0.5; presence of this version in an environment indicates exposure to a remotely-triggerable stack-based buffer overflow leading to crash or code execution.
  • Monitor for unexpected crashes or abnormal process termination in FFmpeg 0.5 processes when processing remote/untrusted media input, as exploitation manifests as a crash or arbitrary code execution.
  • ·The vulnerability vectors are unspecified ('unknown vectors'); no specific file format, codec, or network protocol trigger has been publicly documented, limiting precise detection rule creation.
  • ·Debian fixed this in package version 4:0.5+svn20090706-3; environments running older Debian FFmpeg packages remain vulnerable.

CVSS provenance

nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL
vendor_debian10.0CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.