| Name | CVE-2006-4799 |
| Description | Buffer overflow in ffmpeg for xine-lib before 1.1.2 might allow context-dependent attackers to execute arbitrary code via a crafted AVI file and "bad indexes", a different vulnerability than CVE-2005-4048 and CVE-2006-2802. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| References | DSA-1215 |
| Debian Bugs | 369876 |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| xine-lib | source | sarge | 1.0.1-1sarge4 | DSA-1215 | ||
| xine-lib | source | (unstable) | 1.1.2-1 | medium | 369876 |
according to the changelog, libxine (starting from 1.1.2-4) links dynamically against ffmpeg