Novell Home

CVE-2006-4800

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2006-4800 at MITRE

Description

Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.

NVD CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Novell/SUSE information

Novell Bugzilla entry: 222892

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE LINUX 10.0
  • xine-lib >= 1.1.0-12.7
  • xine-lib-32bit >= 1.1.0-12.7
  • xine-lib-64bit >= 1.1.0-12.7
SUSE LINUX 10.1
  • xine-lib >= 1.1.1-24.10
  • xine-lib-32bit >= 1.1.1-24.10
  • xine-lib-64bit >= 1.1.1-24.10
SUSE LINUX 9.3
  • xine-lib >= 1.0-10.9
  • xine-lib-32bit >= 9.3-7.4
SLES SDK 9 for IPF
  • xine-lib >= 0.99.rc3a-106.31
  • xine-lib-x86 >= 9-200611230129
core9.s390
sles9-nld.x86
YOU Patch Nr: 11311
ZYPP Patch Nr: 2307
SLES SDK 9 for IBM iSeries and IBM pSeries
  • xine-lib >= 0.99.rc3a-106.31
  • xine-lib-64bit >= 9-200611230121
core9.s390
sles9-nld.x86
YOU Patch Nr: 11311
ZYPP Patch Nr: 2307
Novell Linux Desktop 9 for x86
SLES SDK 9 for IBM S/390 and IBM zSeries
SLES SDK 9 for x86
  • xine-lib >= 0.99.rc3a-106.31
core9.s390
sles9-nld.x86
YOU Patch Nr: 11311
ZYPP Patch Nr: 2307
SLES SDK 9 for IBM zSeries
  • xine-lib >= 0.99.rc3a-106.31
  • xine-lib-32bit >= 9-200611230107
core9.s390
sles9-nld.x86
YOU Patch Nr: 11311
ZYPP Patch Nr: 2307
Novell Linux Desktop 9 for x86_64
SLES SDK 9 for X86-64
  • xine-lib >= 0.99.rc3a-106.31
  • xine-lib-32bit >= 9-200611230135
core9.s390
sles9-nld.x86
YOU Patch Nr: 11311
ZYPP Patch Nr: 2307

© 2014 Novell