[Forgot Password]
Login  Register Subscribe

23631

 
 

123862

 
 

98250

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2010-4705

Date: (C)2011-01-22   (M)2017-11-18 


Integer overflow in the vorbis_residue_decode_internal function in libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg, possibly 0.6, has unspecified impact and remote attack vectors, related to the sizes of certain integer data types. NOTE: this might overlap CVE-2011-0480.

CVSS Score: 9.3Access Vector: NETWORK
Exploit Score: 8.6Access Complexity: MEDIUM
Impact Score: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE





Reference:
SECUNIA-43323
BID-46294
DSA-2165
http://git.ffmpeg.org/?p=ffmpeg.git;a=commit;h=366d919016a679d3955f6fe5278fa7ce4f47b81e

CPE    1
cpe:/a:ffmpeg:ffmpeg:0.6
CWE    1
CWE-189
OVAL    1
oval:org.secpod.oval:def:600193

© 2013 SecPod Technologies