9.8
CVSSv3

CVE-2016-10190

Published: 09/02/2017 Updated: 21/12/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Heap-based buffer overflow in libavformat/http.c in FFmpeg prior to 2.8.10, 3.0.x prior to 3.0.5, 3.1.x prior to 3.1.6, and 3.2.x prior to 3.2.2 allows remote web servers to execute arbitrary code via a negative chunk size in an HTTP response.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

ffmpeg ffmpeg 3.1.3

ffmpeg ffmpeg 3.2

ffmpeg ffmpeg 3.1.1

ffmpeg ffmpeg 3.0.1

ffmpeg ffmpeg 3.0.2

ffmpeg ffmpeg 3.1.4

ffmpeg ffmpeg 3.1.5

ffmpeg ffmpeg 3.0.3

ffmpeg ffmpeg

ffmpeg ffmpeg 3.2.1

ffmpeg ffmpeg 3.0.4

ffmpeg ffmpeg 3.0

ffmpeg ffmpeg 3.1

ffmpeg ffmpeg 3.1.2

Github Repositories

README A tool for binary program to visualize the process of exploit, by analyzing the GOT, information leakage, heap memory, shllcode, and function calls Binary-Exploit-Visualization This project is based on the open-source tool angr We implement a system named BveView, which is based on the record-and-replay method We record the information of the exploit process by ptrace