Lucene search
Veracode Vulnerability DatabaseVERACODE:4496HistoryJun 29, 2017 - 3:17 a.m.
Information Disclosure
2017-06-2903:17:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.005 Low
EPSS
Percentile
75.7%
FFmpeg is vulnerable to information disclosure. The library does not properly handle HTTP Live Streaming filename extensions and demuxer names. A malicious user can pass playlist files to the system to obtain sensitive information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ffmpeg | le | 2.8.3 | |
| ffmpeg:3.4 | eq | 3.0.7-r0 |
Related
prion
prion
Code injection
2017-06-28 06:29:00
alpinelinux
alpinelinux
CVE-2017-9993
2017-06-28 06:29:00
debiancve
debiancve
CVE-2017-9993
2017-06-28 06:29:00
cvelist
cvelist
CVE-2017-9993
2017-06-28 06:00:00
ubuntucve
ubuntucve
CVE-2017-9993
2017-06-28 00:00:00
cve
cve
CVE-2017-9993
2017-06-28 06:29:00
osv
osv
CVE-2017-9993
2017-06-28 06:29:00
ffmpeg - security update
2017-08-28 00:00:00
libav - security update
2019-01-07 00:00:00
nvd
nvd
CVE-2017-9993
2017-06-28 06:29:00
debian
debian
[SECURITY] [DSA 3957-1] ffmpeg security update
2017-08-28 20:49:57
[SECURITY] [DSA 3957-1] ffmpeg security update
2017-08-28 20:49:57
[SECURITY] [DLA 1630-1] libav security update
2019-01-07 22:34:48
nessus
nessus
Debian DSA-3957-1 : ffmpeg - security update
2017-08-29 00:00:00
Debian DLA-1630-1 : libav security update
2019-01-08 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-3957-1)
2017-08-27 00:00:00
Debian: Security Advisory (DLA-1630-1)
2019-01-07 00:00:00
Mageia: Security Advisory (MGASA-2018-0008)
2022-01-28 00:00:00
mageia
mageia
Updated ffmpeg packages fix security vulnerability
2018-01-01 13:38:51