Rule Category

FILE-MULTIMEDIA -- Snort detected traffic targeting vulnerabilities in multimedia files (mp3, movies, wmv, etc.).

Alert Message

FILE-MULTIMEDIA FFmpeg OGV file format memory corruption attempt

Rule Explanation

Off-by-one error in the VP3 decoder (vp3.c) in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file that triggers an out-of-bounds read and possibly memory corruption. Impact: CVSS base score 9.3 CVSS impact score 10.0 CVSS exploitability score 8.6 confidentialityImpact COMPLETE integrityImpact COMPLETE availabilityImpact COMPLETE Details: Ease of Attack:

What To Look For

No information provided

Known Usage

No public information

False Positives

No known false positives

Contributors

Talos research team. This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology. For more information see [nvd].

Rule Groups

No rule groups

CVE

Additional Links

Rule Vulnerability

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.
CVE-2009-4631
Loading description
CVE-2009-4632
Loading description
CVE-2009-4633
Loading description
CVE-2009-4634
Loading description
CVE-2009-4635
Loading description
CVE-2009-4636
Loading description
CVE-2009-4637
Loading description
CVE-2009-4638
Loading description
CVE-2009-4639
Loading description
CVE-2009-4640
Loading description