4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.01 Low
EPSS
Percentile
84.0%
FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac,
failed to perform proper bounds checking, which allowed a remote attacker
to potentially exploit heap corruption via a crafted video file.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 17.10 | noarch | chromium-browser | < 56.0.2924.76-0ubuntu2.1343 | UNKNOWN |
ubuntu | 18.04 | noarch | chromium-browser | < 56.0.2924.76-0ubuntu2.1343 | UNKNOWN |
ubuntu | 14.04 | noarch | chromium-browser | < 58.0.3029.81-0ubuntu0.14.04.1172 | UNKNOWN |
ubuntu | 16.04 | noarch | chromium-browser | < 56.0.2924.76-0ubuntu0.16.04.1268 | UNKNOWN |
ubuntu | 16.10 | noarch | chromium-browser | < 56.0.2924.76-0ubuntu0.16.10.1335 | UNKNOWN |
ubuntu | 17.04 | noarch | chromium-browser | < 56.0.2924.76-0ubuntu2.1343 | UNKNOWN |
ubuntu | 16.04 | noarch | ffmpeg | < 7:2.8.11-0ubuntu0.16.04.1 | UNKNOWN |
ubuntu | 16.10 | noarch | ffmpeg | < 7:3.0.7-0ubuntu0.16.10.1 | UNKNOWN |
ubuntu | 17.10 | noarch | oxide-qt | < 1.20.4-0ubuntu1 | UNKNOWN |
ubuntu | 14.04 | noarch | oxide-qt | < 1.20.4-0ubuntu0.14.04.1 | UNKNOWN |
chromereleases.googleblog.com/2017/01/stable-channel-update-for-desktop.html
github.com/FFmpeg/FFmpeg/commit/2d453188c2303da641dafb048dc1806790526dfd
launchpad.net/bugs/cve/CVE-2017-5024
nvd.nist.gov/vuln/detail/CVE-2017-5024
security-tracker.debian.org/tracker/CVE-2017-5024
ubuntu.com/security/notices/USN-3180-1
www.cve.org/CVERecord?id=CVE-2017-5024
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.01 Low
EPSS
Percentile
84.0%