CVE-2009-4634

EUVD-2009-4599
Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that (1) bypasses a validation check in vorbis_dec.c and triggers a wraparound of the stack pointer, or (2) access a pointer from out-of-bounds memory in mov.c, related to an elst tag that appears before a tag that creates a stream.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
Affected Products (NVD)
VendorProductVersion
ffmpegffmpeg
0.5
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ffmpeg
bookworm
7:5.1.6-0+deb12u1
fixed
bookworm (security)
7:5.1.6-0+deb12u1
fixed
bullseye
7:4.3.7-0+deb11u1
fixed
bullseye (security)
7:4.3.8-0+deb11u1
fixed
sid
7:7.1-3
fixed
trixie
7:7.1-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ffmpeg
dapper
ignored
hardy
Fixed 3:0.cvs20070307-5ubuntu7.4
released
intrepid
ignored
jaunty
ignored
karmic
Fixed 4:0.5+svn20090706-2ubuntu2.1
released
lucid
not-affected
maverick
not-affected
ffmpeg-debian
dapper
dne
hardy
dne
intrepid
Fixed 3:0.svn20080206-12ubuntu3.2
released
jaunty
Fixed 3:0.svn20090303-1ubuntu6.1
released
karmic
dne
lucid
dne
maverick
dne
Common Weakness Enumeration
References
http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html
http://secunia.com/advisories/36805
http://secunia.com/advisories/38643
http://secunia.com/advisories/39482
http://www.debian.org/security/2010/dsa-2000
http://www.mandriva.com/security/advisories?name=MDVSA-2011:059
http://www.mandriva.com/security/advisories?name=MDVSA-2011:060
http://www.mandriva.com/security/advisories?name=MDVSA-2011:061
http://www.mandriva.com/security/advisories?name=MDVSA-2011:088
http://www.mandriva.com/security/advisories?name=MDVSA-2011:112
http://www.mandriva.com/security/advisories?name=MDVSA-2011:114
http://www.securityfocus.com/bid/36465
http://www.ubuntu.com/usn/USN-931-1
http://www.vupen.com/english/advisories/2010/0935
http://www.vupen.com/english/advisories/2011/1241
https://roundup.ffmpeg.org/roundup/ffmpeg/issue1240
http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html
http://secunia.com/advisories/36805
http://secunia.com/advisories/38643
http://secunia.com/advisories/39482
http://www.debian.org/security/2010/dsa-2000
http://www.mandriva.com/security/advisories?name=MDVSA-2011:059
http://www.mandriva.com/security/advisories?name=MDVSA-2011:060
http://www.mandriva.com/security/advisories?name=MDVSA-2011:061
http://www.mandriva.com/security/advisories?name=MDVSA-2011:088
http://www.mandriva.com/security/advisories?name=MDVSA-2011:112
http://www.mandriva.com/security/advisories?name=MDVSA-2011:114
http://www.securityfocus.com/bid/36465
http://www.ubuntu.com/usn/USN-931-1
http://www.vupen.com/english/advisories/2010/0935
http://www.vupen.com/english/advisories/2011/1241
https://roundup.ffmpeg.org/roundup/ffmpeg/issue1240