Lucene search
Veracode Vulnerability DatabaseVERACODE:25289HistoryMay 10, 2020 - 11:24 p.m.
Arbitrary Code Execution
2020-05-1023:24:08
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
0.004 Low
EPSS
Percentile
74.1%
ffmpeg is vulnerable to arbitrary code execution. Mishandling of empty sprop-parameter-sets values in the sdp_parse_fmtp_config_h264 function in libavformat/rtpdec_h264.c leads to heap buffer overflow and allows a remote attacker to cause a denial of service and execute arbitrary code a malicious sdp file.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ffmpeg:3.4 | eq | 3.0.7-r0 | |
| ffmpeg:3.4 | eq | 3.0.7-r0 |
Related
alpinelinux
alpinelinux
CVE-2017-14767
2017-09-27 08:29:00
prion
prion
Heap overflow
2017-09-27 08:29:00
osv
osv
CVE-2017-14767
2017-09-27 08:29:00
ffmpeg - security update
2017-10-10 00:00:00
libav - security update
2019-01-07 00:00:00
nvd
nvd
CVE-2017-14767
2017-09-27 08:29:00
cvelist
cvelist
CVE-2017-14767
2017-09-27 08:00:00
ubuntucve
ubuntucve
CVE-2017-14767
2017-09-27 00:00:00
debiancve
debiancve
CVE-2017-14767
2017-09-27 08:29:00
cve
cve
CVE-2017-14767
2017-09-27 08:29:00
nessus
nessus
Debian DSA-3996-1 : ffmpeg - security update
2017-10-11 00:00:00
FreeBSD : FFmpeg -- multiple vulnerabilities (ed73829d-af6d-11e7-a633-009c02a2ab30)
2017-10-16 00:00:00
Debian DLA-1630-1 : libav security update
2019-01-08 00:00:00
freebsd
freebsd
FFmpeg -- multiple vulnerabilities
2017-09-11 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-3996-1)
2017-10-09 00:00:00
Debian: Security Advisory (DLA-1630-1)
2019-01-07 00:00:00
debian
debian
[SECURITY] [DSA 3996-1] ffmpeg security update
2017-10-10 19:23:08
[SECURITY] [DLA 1630-1] libav security update
2019-01-07 22:34:48