CVE-2006-4800

N/A Unknown

Published: September 14, 2006 Modified: April 16, 2026

Description

Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://bugs.gentoo.org/show_bug.cgi?id=133520

Source: cve@mitre.org

http://secunia.com/advisories/21921

Source: cve@mitre.org

Patch Vendor Advisory

http://secunia.com/advisories/22180

Source: cve@mitre.org

http://secunia.com/advisories/22181

Source: cve@mitre.org

http://secunia.com/advisories/22182

Source: cve@mitre.org

http://secunia.com/advisories/22198

Source: cve@mitre.org

http://secunia.com/advisories/22200

Source: cve@mitre.org

http://secunia.com/advisories/22201

Source: cve@mitre.org

http://secunia.com/advisories/22202

Source: cve@mitre.org

http://secunia.com/advisories/22203

Source: cve@mitre.org

http://secunia.com/advisories/22230

Source: cve@mitre.org

http://secunia.com/advisories/23010

Source: cve@mitre.org

http://secunia.com/advisories/23213

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200609-09.xml

Source: cve@mitre.org

Patch Vendor Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2006:173

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:174

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:175

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:176

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2006_73_mono.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/20009

Source: cve@mitre.org

Patch

http://www.ubuntu.com/usn/usn-358-1

Source: cve@mitre.org

http://www.us.debian.org/security/2006/dsa-1215

Source: cve@mitre.org

http://bugs.gentoo.org/show_bug.cgi?id=133520

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/21921

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://secunia.com/advisories/22180

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/22181

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/22182

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/22198

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/22200

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/22201

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/22202

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/22203

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/22230

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/23010

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/23213

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-200609-09.xml

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2006:173

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDKSA-2006:174

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDKSA-2006:175

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDKSA-2006:176

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.novell.com/linux/security/advisories/2006_73_mono.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/20009

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.ubuntu.com/usn/usn-358-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.us.debian.org/security/2006/dsa-1215

Source: af854a3a-2127-422b-91ae-364da2661108

44 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

6.3%

91th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

ffmpeg