CVE-2008-3162

EPSS 26.5%

ffmpeg ffmpeg-debian - arbitrary code execution

Published: 7/14/2008Modified: 4/28/2026

Description

Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted STR file that interleaves audio and video sectors.

Affected packages (3)

Debian/ffmpegfrom 0, < 0.svn20080206-10
Debian/ffmpegfrom 0, < 0.cvs20060823-8+etch1
Debian/ffmpeg-debianfrom 0, < 0.svn20080206-17+lenny1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-3162