Published: 22/01/2011 Updated: 07/11/2023

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Integer overflow in the vorbis_residue_decode_internal function in libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg, possibly 0.6, has unspecified impact and remote attack vectors, related to the sizes of certain integer data types. NOTE: this might overlap CVE-2011-0480.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ffmpeg ffmpeg 0.6

Debian Bug report logs - #611495 [CVE-2010-4705] [CVE-2010-4704] integer overflow in Vorbis decoder Package: ffmpeg; Maintainer for ffmpeg is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Source for ffmpeg is src:ffmpeg (PTS, buildd, popcon) Reported by: Luciano Bello <luciano@debianorg> Date: ...

Several vulnerabilities have been discovered in FFmpeg coders, which are used by MPlayer and other applications CVE-2010-3429 Cesar Bernardini and Felipe Andres Manzano reported an arbitrary offset dereference vulnerability in the libavcodec, in particular in the FLIC file format parser A specific FLIC file may exploit this vulnerability a ...

CWE-189 http://www.debian.org/security/2011/dsa-2165 http://secunia.com/advisories/43323 http://www.securityfocus.com/bid/46294 http://git.ffmpeg.org/?p=ffmpeg.git%3Ba=commit%3Bh=366d919016a679d3955f6fe5278fa7ce4f47b81e https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611495 https://nvd.nist.gov https://www.debian.org/security/./dsa-2165

CVE-2010-4705

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect