CVE-2008-4869: Critical severity ffmpeg vulnerability
Published Oct 31, 2008
·Updated
FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers to cause a denial of service (memory consumption) via unknown vectors, aka a "Tcp/udp memory leak."
Affected Software
15 affected components
FFmpeg FFmpeg<=0.4.9
FFmpeg FFmpeg=0.3
FFmpeg FFmpeg=0.3.1
FFmpeg FFmpeg=0.3.2
FFmpeg FFmpeg=0.3.3
FFmpeg FFmpeg=0.3.4
FFmpeg FFmpeg=0.4.0
FFmpeg FFmpeg=0.4.2
FFmpeg FFmpeg=0.4.3
FFmpeg FFmpeg=0.4.4
FFmpeg FFmpeg=0.4.5
FFmpeg FFmpeg=0.4.6
FFmpeg FFmpeg=0.4.7
FFmpeg FFmpeg=0.4.8
MPlayer MPlayer
Event History
Oct 31, 2008
CVE Published
via MITRE·10:00 PM
Data Sourced
via MITRE·10:00 PM
Description
Nov 1, 2008
Data Sourced
12:00 AM
DescriptionWeaknessAffected Software
Frequently Asked Questions
1
What is the severity of CVE-2008-4869?
CVE-2008-4869 has a severity rating that indicates it can lead to a denial of service due to memory consumption.
2
How can I fix CVE-2008-4869?
To fix CVE-2008-4869, users should upgrade to a later version of FFmpeg that is not affected by this vulnerability.
3
What software is affected by CVE-2008-4869?
CVE-2008-4869 affects FFmpeg versions up to 0.4.9 and specifically versions 0.3.0 to 0.4.9.
4
What does CVE-2008-4869 exploit?
CVE-2008-4869 exploits a memory leak vulnerability in FFmpeg, allowing for potential denial of service.
5
Is MPlayer affected by CVE-2008-4869?
MPlayer itself is not affected by CVE-2008-4869, but it may use a vulnerable version of FFmpeg.