Vulnerability CVE-2006-4800

Vulnerability Name:

CVE-2006-4800 (CCN-29276)

Assigned:

2006-09-13

Published:

2006-09-13

Updated:

2018-10-30

Summary:

Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c.
Note: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.

CVSS v3 Severity:

5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-Other

Vulnerability Consequences:

Gain Access

References:

Source: CCN
Type: Gentoo Bugzilla Bug 133520
{media-video/ffmpeg|media-libs/xine-lib} multiple issues (CVE-200{5-4048|6-2802})

Source: MISC
Type: UNKNOWN
http://bugs.gentoo.org/show_bug.cgi?id=133520

Source: MITRE
Type: CNA
CVE-2006-4800

Source: CCN
Type: FFmpeg Web page
FFmpeg

Source: SECUNIA
Type: Patch, Vendor Advisory
21921

Source: CCN
Type: SA22180
FFmpeg Multiple Buffer Overflow Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
22180

Source: CCN
Type: SA22181
xine-lib FFmpeg Multiple Buffer Overflow Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
22181

Source: CCN
Type: SA22182
MPlayer FFmpeg Multiple Buffer Overflow Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
22182

Source: SECUNIA
Type: UNKNOWN
22198

Source: SECUNIA
Type: UNKNOWN
22200

Source: SECUNIA
Type: UNKNOWN
22201

Source: CCN
Type: SA22202
GStreamer FFmpeg Plug-in Multiple Buffer Overflows

Source: SECUNIA
Type: UNKNOWN
22202

Source: SECUNIA
Type: UNKNOWN
22203

Source: SECUNIA
Type: UNKNOWN
22230

Source: SECUNIA
Type: UNKNOWN
23010

Source: SECUNIA
Type: UNKNOWN
23213

Source: GENTOO
Type: Patch, Vendor Advisory
GLSA-200609-09

Source: DEBIAN
Type: DSA-1215
xine-lib -- several vulnerabilities

Source: CCN
Type: GLSA-200609-09
FFmpeg: Buffer overflows

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:173

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:174

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:175

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:176

Source: SUSE
Type: UNKNOWN
SUSE-SA:2006:073

Source: BID
Type: Patch
20009

Source: CCN
Type: BID-20009
FFmpeg Image File Multiple Buffer Overflow Vulnerabilities

Source: CCN
Type: USN-358-1
ffmpeg

Source: UBUNTU
Type: UNKNOWN
USN-358-1

Source: DEBIAN
Type: UNKNOWN
DSA-1215

Source: XF
Type: UNKNOWN
ffmpeg-multiple-bo(29276)

Source: SUSE
Type: SUSE-SA:2006:073
mono tmpfile race problem

Vulnerable Configuration:

Configuration 1:

cpe:/a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*

OR cpe:/a:ffmpeg:ffmpeg:0.4.9:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:26132	P	Security update for MozillaFirefox (Important)	2021-09-22
oval:org.opensuse.security:def:20064800	V	CVE-2006-4800	2021-08-15
oval:org.opensuse.security:def:36507	P	libxine-devel-1.1.15-23.3.9 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:26068	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:26056	P	Security update for curl (Moderate)	2021-05-26
oval:org.opensuse.security:def:26057	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:26788	P	nagios-plugins on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26341	P	Security update for fmpeg (Moderate)	2020-12-01
oval:org.opensuse.security:def:26686	P	dhcpcd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26832	P	tftp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26398	P	Security update for pdns-recursor (Moderate)	2020-12-01
oval:org.opensuse.security:def:26735	P	libMagickCore1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27470	P	libpcp3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26482	P	Security update for ffmpeg-4 (Low)	2020-12-01
oval:org.opensuse.security:def:26774	P	libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26260	P	Security update for Mesa (Moderate)	2020-12-01
oval:org.opensuse.security:def:27505	P	libxine-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26633	P	python on GA media (Moderate)	2020-12-01
oval:org.debian:def:1215	V	several vulnerabilities	2006-11-20

BACK