CVE-2006-4800 Information

Description

Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c (2) vorbis.c (3) rm.c (4) sierravmd.c (5) smacker.c (6) tta.c (7) 4xm.c (8) alac.c (9) cook.c (10) shorten.c (11) smacker.c (12) snow.c and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.

Reference

http://bugs.gentoo.org/show_bug.cgi?id=133520 http://secunia.com/advisories/21921 http://secunia.com/advisories/22180 http://secunia.com/advisories/22181 http://secunia.com/advisories/22182 http://secunia.com/advisories/22198 http://secunia.com/advisories/22200 http://secunia.com/advisories/22201 http://secunia.com/advisories/22202 http://secunia.com/advisories/22203 http://secunia.com/advisories/22230 http://secunia.com/advisories/23010 http://secunia.com/advisories/23213 http://security.gentoo.org/glsa/glsa-200609-09.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:173 http://www.mandriva.com/security/advisories?name=MDKSA-2006:174 http://www.mandriva.com/security/advisories?name=MDKSA-2006:175 http://www.mandriva.com/security/advisories?name=MDKSA-2006:176 http://www.novell.com/linux/security/advisories/2006_73_mono.html http://www.securityfocus.com/bid/20009 http://www.ubuntu.com/usn/usn-358-1 http://www.us.debian.org/security/2006/dsa-1215