VDB
CVE-2006-4800
CVE-2006-4800
PUBLISHED
CVSS 7.5 HIGH
Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.
EPSS 6.30% · 91.1th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
6.30%
91.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| ffmpeg | ffmpeg | 0.4.6, 0.4.9, 0.4.7 |
Timeline
- Sep 14, 2006 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 4, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jun 11, 2023 EPSS Score
References
- MDKSA-2006:174 vendor-advisory
- 22181 third-party-advisory
- SUSE-SA:2006:073 vendor-advisory
- 22230 third-party-advisory
- 22201 third-party-advisory
- 20009 vdb
- 23010 third-party-advisory
- USN-358-1 vendor-advisory
- 23213 third-party-advisory
- 22200 third-party-advisory
- 22198 third-party-advisory
- MDKSA-2006:173 vendor-advisory
- 21921 third-party-advisory
- MDKSA-2006:176 vendor-advisory
- DSA-1215 vendor-advisory
- 22182 third-party-advisory
- MDKSA-2006:175 vendor-advisory
- 22180 third-party-advisory
- 22203 third-party-advisory
- 22202 third-party-advisory
…and 3 more