Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

ffmpeg and Libav cross-domain information disclosure vulnerability

πŸ—“οΈΒ 20 Jan 2016Β 00:00:00Reported byΒ Maxim AndreevTypeΒ 
cert
Β certπŸ”—Β www.kb.cert.orgπŸ‘Β 59Β Views

ffmpeg and Libav cross-domain information disclosure vulnerability. Improper domain restrictions lead to remote data query and local file exposure

Show more
Related
Refs
ReporterTitlePublishedViews
Family
FreeBSD		ffmpeg -- remote attacker can access local files
13 Jan 201600:00
–freebsd
SUSE Linux		Security update for ffmpeg (important)
25 Jan 201622:11
–suse
Tenable Nessus		openSUSE Security Update : ffmpeg (openSUSE-2016-94)
27 Jan 201600:00
–nessus
Tenable Nessus		Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : MPlayer (SSA:2016-034-02)
4 Feb 201600:00
–nessus
Tenable Nessus		FreeBSD : ffmpeg -- remote attacker can access local files (046fedd1-bd01-11e5-bbf4-5404a68ad561)
19 Jan 201600:00
–nessus
Tenable Nessus		Debian DSA-3506-1 : libav - security update
7 Mar 201600:00
–nessus
Tenable Nessus		GLSA-201705-08 : libav: Multiple vulnerabilities
10 May 201700:00
–nessus
Tenable Nessus		GLSA-201606-09 : FFmpeg: Multiple vulnerabilities
20 Jun 201600:00
–nessus
Tenable Nessus		Ubuntu 12.04 LTS : libav vulnerabilities (USN-2944-1)
5 Apr 201600:00
–nessus
Hacker One		Pornhub: [ssrf] libav vulnerable during conversion of uploaded videos
17 Jan 201615:36
–hackerone
Rows per page

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
20 Jan 2016 00:00Current
5.5Medium risk
Vulners AI Score5.5
CVSS24.3
CVSS35.5
EPSS0.00533
information exposure through sent datacve-2016-1897cve-2016-1898cross-platform solutionplaylist filesfile disclosureconcatenationssubfilesmitreupdatealpine linuxarch linuxdebian gnu/linuxgentoo linuxsuse linuxspecially-crafted playlist filefile contents acquisition.
59
.json
Report