VDB
ANCHORE-2016-10191
ANCHORE-2016-10191
PUBLISHED
Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check for RTMP packet size mismatches.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ffmpeg | ffmpeg | 3.1, 3.0, 0 |
Timeline
- Feb 9, 2017 CVE Published
- Aug 6, 2024 CVE Updated
References
- http://www.openwall.com/lists/oss-security/2017/01/31/12 url
- http://www.openwall.com/lists/oss-security/2017/02/02/1 url
- http://www.securityfocus.com/bid/95989 url
- https://ffmpeg.org/security.html url
- https://github.com/FFmpeg/FFmpeg/commit/7d57ca4d9a75562fa32e40766211de150f8b3ee7 url
- https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html url