Published: 06/11/2017 Updated: 07/11/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

The read_header function in libavcodec/ffv1dec.c in FFmpeg 2.4 and 3.3.4 and possibly earlier allows remote malicious users to have unspecified impact via a crafted MP4 file, which triggers an out-of-bounds read.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ffmpeg ffmpeg
debian debian linux 8.0
debian debian linux 9.0

Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed For the stable distribution (stretch), these problems have been fixed in version 7:329-1~deb9u1 We recommend that you upgrade your ffmpeg ...

CWE-125 http://www.openwall.com/lists/oss-security/2017/11/03/4 http://www.securityfocus.com/bid/101690 https://www.debian.org/security/2017/dsa-4049 https://lists.debian.org/debian-lts-announce/2019/01/msg00006.html https://github.com/FFmpeg/FFmpeg/commit/d893253fcd93d11258e98857175e93be7d158708 http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=c20f4fcb74da2d0432c7b54499bb98f48236b904 https://nvd.nist.gov https://www.debian.org/security/./dsa-4049

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-15672

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect