Lucene search

K

MitreCVELIST:CVE-2016-1897

HistoryJan 15, 2016 - 2:00 a.m.

CVE-2016-1897

2016-01-1502:00:00

mitre

www.cve.org

6 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.2%

FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.

References

habrahabr.ru/company/mailru/blog/274855

lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html

security.stackexchange.com/questions/110644

www.debian.org/security/2016/dsa-3506

www.openwall.com/lists/oss-security/2016/01/14/1

www.securityfocus.com/bid/80501

www.securitytracker.com/id/1034932

www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.529036

www.ubuntu.com/usn/USN-2944-1

security.gentoo.org/glsa/201606-09

security.gentoo.org/glsa/201705-08

www.kb.cert.org/vuls/id/772447

6 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.2%

Related for CVELIST:CVE-2016-1897

prion1 cve1 debiancve1 ubuntucve1 nvd1 freebsd1 cert1 openvas6 f52 seebug1 archlinux1 nessus7 suse1 slackware1 hackerone1 mageia1 debian1 osv1 gentoo2 ubuntu1