CVE-2006-4800

CVSS 7.5 - HIGH

Description

Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.

Affected Products

4

Vendor	Product	Version
ffmpeg	ffmpeg	`0.4.6`
ffmpeg	ffmpeg	`0.4.7`
ffmpeg	ffmpeg	`0.4.8`
ffmpeg	ffmpeg	`0.4.9`

References

http://bugs.gentoo.org/show_bug.cgi?id=133520

http://secunia.com/advisories/21921

http://secunia.com/advisories/22180

http://secunia.com/advisories/22181

http://secunia.com/advisories/22182

http://secunia.com/advisories/22198

http://secunia.com/advisories/22200

http://secunia.com/advisories/22201

http://secunia.com/advisories/22202

http://secunia.com/advisories/22203

http://secunia.com/advisories/22230

http://secunia.com/advisories/23010

http://secunia.com/advisories/23213

http://security.gentoo.org/glsa/glsa-200609-09.xml

http://www.mandriva.com/security/advisories?name=M...

http://www.mandriva.com/security/advisories?name=M...

http://www.mandriva.com/security/advisories?name=M...

http://www.mandriva.com/security/advisories?name=M...

http://www.novell.com/linux/security/advisories/20...

http://www.securityfocus.com/bid/20009

Weakness Types

NVD-CWE-Other

CVE Information

CVE ID:: CVE-2006-4800
Published:: 2006-09-14
Modified:: 2026-04-16
CVSS Score:: 7.5
Severity:: HIGH
Vector:: AV:N/AC:L/Au:N/C:P/I:P/A:P

Affected Vendors

ffmpeg

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL