3 matches found
Debian DSA-3996-1 : ffmpeg - security update
Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed Real, MV, RL2, ASF, Apple HLS, Phantom Cine, MXF, NSV, MOV or RTP H.264 files/streams are processed. %NASLMINLEVEL...
[SECURITY] [DSA 3996-1] ffmpeg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3996-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 10, 2017 https://www.debian.org/security/faq -...
CVE-2017-14222
CVE-2017-14222 affects FFmpeg 3.3.3’s libavformat/mov.c, where read_tfra() lacks an EOF check. A crafted MOV file that claims a large item_count but lacks backing data can trigger a loop that consumes excessive CPU and memory, potentially crashing the app. The issue is caused by missing bounds/EO...