CVE-2008-4868

Unspecified vulnerability in the avcodec_close function in libavcodec/utils.c in FFmpeg 0.4.9 before r14787, as used by MPlayer, has unknown impact and attack vectors, related to a free "on random pointers."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
VendorProductVersion
ffmpegffmpeg
𝑥
≤ 0.4.9
ffmpegffmpeg
0.3
ffmpegffmpeg
0.3.1
ffmpegffmpeg
0.3.2
ffmpegffmpeg
0.3.3
ffmpegffmpeg
0.3.4
ffmpegffmpeg
0.4.0
ffmpegffmpeg
0.4.2
ffmpegffmpeg
0.4.3
ffmpegffmpeg
0.4.4
ffmpegffmpeg
0.4.5
ffmpegffmpeg
0.4.6
ffmpegffmpeg
0.4.7
ffmpegffmpeg
0.4.8
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ffmpeg
bullseye
7:4.3.7-0+deb11u1
fixed
etch
not-affected
bullseye (security)
7:4.3.8-0+deb11u1
fixed
bookworm
7:5.1.6-0+deb12u1
fixed
bookworm (security)
7:5.1.6-0+deb12u1
fixed
sid
7:7.1-3
fixed
trixie
7:7.1-3
fixed
mplayer
bullseye
2:1.4+ds1-1+deb11u1
fixed
etch
not-affected
bookworm
2:1.5+svn38408-1
fixed
sid
2:1.5+svn38542-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ffmpeg
oneiric
dne
natty
dne
maverick
not-affected
lucid
not-affected
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
not-affected
gutsy
not-affected
dapper
ignored
ffmpeg-debian
oneiric
dne
natty
dne
maverick
dne
lucid
dne
karmic
dne
jaunty
not-affected
intrepid
not-affected
hardy
dne
gutsy
dne
feisty
dne
dapper
dne
gstreamer0.10-ffmpeg
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
not-affected
gutsy
ignored
dapper
ignored
kino
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
not-affected
gutsy
not-affected
dapper
not-affected
mplayer
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
karmic
ignored
jaunty
ignored
intrepid
ignored
hardy
ignored
gutsy
ignored
dapper
ignored
xmovie
oneiric
dne
natty
dne
maverick
dne
lucid
dne
karmic
dne
jaunty
dne
intrepid
dne
hardy
dne
gutsy
dne
dapper
ignored
References
http://archives.neohapsis.com/archives/fulldisclosure/2008-09/0103.html
http://lists.mplayerhq.hu/pipermail/ffmpeg-cvslog/2008-August/016136.html
http://secunia.com/advisories/34385
http://security.gentoo.org/glsa/glsa-200903-33.xml
http://www.openwall.com/lists/oss-security/2008/10/29/6
https://exchange.xforce.ibmcloud.com/vulnerabilities/46325
http://archives.neohapsis.com/archives/fulldisclosure/2008-09/0103.html
http://lists.mplayerhq.hu/pipermail/ffmpeg-cvslog/2008-August/016136.html
http://secunia.com/advisories/34385
http://security.gentoo.org/glsa/glsa-200903-33.xml
http://www.openwall.com/lists/oss-security/2008/10/29/6
https://exchange.xforce.ibmcloud.com/vulnerabilities/46325