CVE-2008-3162

EPSS 26.5%

ffmpeg ffmpeg-debian - arbitrary code execution

發布日:2008/7/14修改日:2026/4/28

描述

Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted STR file that interleaves audio and video sectors.

受影響套件(3)

Debian/ffmpegfrom 0, < 0.svn20080206-10
Debian/ffmpegfrom 0, < 0.cvs20060823-8+etch1
Debian/ffmpeg-debianfrom 0, < 0.svn20080206-17+lenny1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-3162