ID CVE-2009-4639
Summary The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) via a crafted AVI file that triggers a divide-by-zero error.
References
Vulnerable Configurations
  • cpe:2.3:a:ffmpeg:ffmpeg:0.5:*:*:*:*:*:*:*
    cpe:2.3:a:ffmpeg:ffmpeg:0.5:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 26-10-2011 - 02:44)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
refmap via4
bid 36465
confirm https://roundup.ffmpeg.org/roundup/ffmpeg/issue1245
mandriva
  • MDVSA-2011:059
  • MDVSA-2011:060
  • MDVSA-2011:061
  • MDVSA-2011:088
  • MDVSA-2011:112
misc
secunia
  • 36805
  • 39482
ubuntu USN-931-1
vupen
  • ADV-2010-0935
  • ADV-2011-1241
Last major update 26-10-2011 - 02:44
Published 10-02-2010 - 02:30
Last modified 26-10-2011 - 02:44
Back to Top