cpe:/a:ffmpeg:ffmpeg:0.5 CVE-2009-4631 2010-02-09T21:30:00.483-05:00 2010-05-04T01:48:40.390-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2010-02-10T09:09:00.000-05:00 BID 36465 SECUNIA 36805 SECUNIA 38643 DEBIAN DSA-2000 MISC http://scarybeastsecurity.blogspot.com/2009/09/patching-ffmpeg-into-shape.html MISC https://roundup.ffmpeg.org/roundup/ffmpeg/issue1240 MISC https://roundup.ffmpeg.org/roundup/ffmpeg/issue1483 Off-by-one error in the VP3 decoder (vp3.c) in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file that triggers an out-of-bounds read and possibly memory corruption.