Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2005-4048

Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes.

  • Published: Dec 7, 2005
  • Updated: Apr 13, 2023
  • CVE: CVE-2005-4048
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
ffmpeg / ffmpeg 0.4.7 0.4.7.x
ffmpeg / ffmpeg cvs cvs.x
ffmpeg / ffmpeg 0.4.6 0.4.6.x
ffmpeg / ffmpeg 0.4.8 0.4.8.x
ffmpeg / ffmpeg 0.4.9 0.4.9.x