Arbitrary Code Execution

2020-08-0621:38:32

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.002 Low

EPSS

Percentile

52.8%

JSON

FFmpeg is vulnerable to arbitrary code execution. A use-after-free bug occurs via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer later access that pointer in av_probe_input_format3 in libavformat/format.c.

CPENameOperatorVersion
ffmpeg:3.10eq4.1.5-r0
ffmpeg:3.10eq4.1.4-r0
ffmpeg:3.11eq4.2.1-r3
ffmpeg:3.12eq4.2.3-r0
ffmpegeq2.3.5-r0
ffmpegeq0.10.9-r0
ffmpegeq3.2.9-r0
ffmpegeq3.4.6-r0
ffmpegeq1.2.8-r0
ffmpegeq2.8.11-r0

Name	Operator	Version
ffmpeg:3.10	eq	4.1.5-r0
ffmpeg:3.10	eq	4.1.4-r0
ffmpeg:3.11	eq	4.2.1-r3
ffmpeg:3.12	eq	4.2.3-r0
ffmpeg	eq	2.3.5-r0
ffmpeg	eq	0.10.9-r0
ffmpeg	eq	3.2.9-r0
ffmpeg	eq	3.4.6-r0
ffmpeg	eq	1.2.8-r0
ffmpeg	eq	2.8.11-r0