Intrusion Prevention

FFmpeg.4xm.Processing.Memory.Corruption

Description

This indicates an attack attempt against a vulnerability in FFmpeg audio/video converter.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted 4XM movie file. It allows a remote attacker to execute arbitrary code.

Affected Products

FFmpeg 0.8.7 -r1
FFmpeg 0.8.7
FFmpeg 0.4.9 20080909
FFmpeg 0.4.9 -pre1
FFmpeg 0.4.9 -0.pre1.5.1.20060
FFmpeg 0.4.9
FFmpeg 0.4.8
FFmpeg 0.4.7
FFmpeg 0.4.6
FFmpeg 2005-03-13
FFmpeg 0.49_p20060530

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply patch, available from the website:
http://git.ffmpeg.org/?p=ffmpeg;a=commitdiff;h=72e715fb798f2cb79fd24a6d2eaeafb7c6eeda17

CVE References

CVE-2009-0385