VDB

CVE-2005-4048

CVE-2005-4048 PUBLISHED CVSS 7.5 HIGH

Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes.

EPSS 5.25% · 90.2th percentile

Risk Scores

CVSS 2.0
7.5
EPSS Score
5.25%
90.2th percentile

Affected Products

VendorProductVersions
n/an/an/a
ffmpegffmpeg0.4.7, 0.4.8, 0.4.9

Timeline

  • Dec 7, 2005 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • May 20, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Dec 18, 2022 EPSS Score
  • Feb 9, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • May 25, 2023 EPSS Score
  • Jul 17, 2023 EPSS Score
  • Sep 8, 2023 EPSS Score

References

…and 13 more

Open in Interactive Console →
$ Console Community · 100/wk Open console ›