CVE-2017-15672

Published: Nov 6, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

The read_header function in libavcodec/ffv1dec.c in FFmpeg 2.4 and 3.3.4 and possibly earlier allows remote attackers to have unspecified impact via a crafted MP4 file, which triggers an out-of-bounds read.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

101690

vdb-entry

x_refsource_BID

http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=c20f4fcb74da2d0432c7b54499bb98f48236b904

x_refsource_CONFIRM

[oss-security] 20171103 [CVE-2017-15672]: ffmpeg: read out of bounds of buffer when it parsing an craft mp4 file.

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20190107 [SECURITY] [DLA 1630-1] libav security update

mailing-list

x_refsource_MLIST

DSA-4049

vendor-advisory

x_refsource_DEBIAN

https://github.com/FFmpeg/FFmpeg/commit/d893253fcd93d11258e98857175e93be7d158708

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-15672

Description

Affected Products

References