← back
CVE-2005-4048

CVE-2005-4048

EPSS 5.2%
Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://article.gmane.org/gmane.comp.video.ffmpeg.devel/26558http://cvs.freedesktop.org/gstreamer/gst-ffmpeg/ChangeLog?rev=1.239&view=markuphttp://secunia.com/advisories/17892http://secunia.com/advisories/18066http://secunia.com/advisories/18087http://secunia.com/advisories/18107http://secunia.com/advisories/18400http://secunia.com/advisories/18739http://secunia.com/advisories/18746http://secunia.com/advisories/19114http://secunia.com/advisories/19192http://secunia.com/advisories/19272