Published: 27/12/2017 Updated: 17/01/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

The dnxhd decoder in FFmpeg prior to 3.2.6, and 3.3.x prior to 3.3.3 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted mov file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ffmpeg ffmpeg

Several vulnerabilities have been discovered in FFmpeg, a multimedia player, server and encoder These issues could lead to Denial-of-Service and, in some situation, the execution of arbitrary code CVE-2017-9608 Yihan Lian of Qihoo 360 GearTeam discovered a NULL pointer access when parsing a crafted MOV file CVE-2017-9993 Thierry Fou ...

CWE-476 https://github.com/FFmpeg/FFmpeg/commit/611b35627488a8d0763e75c25ee0875c5b7987dd https://github.com/FFmpeg/FFmpeg/commit/31c1c0b46a7021802c3d1d18039fca30dba5a14e https://github.com/FFmpeg/FFmpeg/commit/0a709e2a10b8288a0cc383547924ecfe285cef89 http://www.securityfocus.com/bid/100348 http://www.openwall.com/lists/oss-security/2017/08/15/8 http://www.openwall.com/lists/oss-security/2017/08/14/1 https://www.debian.org/security/2017/dsa-3957 https://nvd.nist.gov https://www.debian.org/security/./dsa-3957

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-9608

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect