CVE-2016-3062

Published: Jun 16, 2016

Modified: Aug 5, 2024

PUBLISHED

Description

The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

openSUSE-SU-2016:1685

vendor-advisory

x_refsource_SUSE

GLSA-201705-08

vendor-advisory

x_refsource_GENTOO

https://git.libav.org/?p=libav.git%3Ba=commit%3Bh=7e01d48cfd168c3dfc663f03a3b6a98e0ecba328

x_refsource_CONFIRM

DSA-3603

vendor-advisory

x_refsource_DEBIAN

https://bugzilla.libav.org/show_bug.cgi?id=929

x_refsource_CONFIRM

https://github.com/FFmpeg/FFmpeg/commit/689e59b7ffed34eba6159dcc78e87133862e3746

x_refsource_CONFIRM

https://libav.org/releases/libav-11.7.changelog

x_refsource_CONFIRM

https://ffmpeg.org/security.html

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-3062

Description

Affected Products

References