Skip to main content

Numeric Errors

CVE-2009-4632

Severity Medium
Score 5.8/10

Summary

oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read.

  • MEDIUM
  • NETWORK
  • NONE
  • NONE
  • PARTIAL
  • PARTIAL

CWE-189 - Numeric Errors

Weaknesses in this category are related to improper calculation or conversion of numbers.

References

Advisory Timeline

  • Published