Unrated severityNVD Advisory· Published Jul 14, 2008· Updated Apr 23, 2026
CVE-2008-3162
CVE-2008-3162
Description
Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted STR file that interleaves audio and video sectors.
Affected products
14cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
15- secunia.com/advisories/30994nvdVendor Advisory
- bugs.debian.org/cgi-bin/bugreport.cginvd
- secunia.com/advisories/31268nvd
- secunia.com/advisories/34385nvd
- secunia.com/advisories/34905nvd
- security.gentoo.org/glsa/glsa-200903-33.xmlnvd
- svn.mplayerhq.hu/ffmpegnvd
- www.debian.org/security/2009/dsa-1781nvd
- www.mandriva.com/security/advisoriesnvd
- www.openwall.com/lists/oss-security/2008/07/09/9nvd
- www.openwall.com/lists/oss-security/2008/07/16/4nvd
- www.securityfocus.com/bid/30154nvd
- www.ubuntu.com/usn/usn-630-1nvd
- www.vupen.com/english/advisories/2008/2031/referencesnvd
- roundup.mplayerhq.hu/roundup/ffmpeg/issue311nvd
News mentions
0No linked articles in our index yet.