Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and previous versions, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote malicious users to execute arbitrary commands via small PNG images with palettes.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ffmpeg ffmpeg 0.4.8 |
||
ffmpeg ffmpeg 0.4.9 |
||
ffmpeg ffmpeg 0.4.6 |
||
ffmpeg ffmpeg 0.4.7 |
||
ffmpeg ffmpeg cvs |