4 matches found
SUSE CVE-2016-10191
Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check for RTMP packet size mismatches...
CVE-2017-11665
The ffamfgetfieldvalue function in libavformat/rtmppkt.c in FFmpeg 3.3.2 allows remote RTMP servers to cause a denial of service Segmentation Violation and application crash via a crafted stream...
CVE-2017-11665
CVE-2017-11665 affects FFmpeg 3.3.2, where the ff_amf_get_field_value function in libavformat/rtmppkt.c can be exploited by a crafted RTMP stream to trigger a denial of service (Segmentation Violation and application crash). Public references in connected documents confirm the vulnerability in FF...
Remote Code Execution (RCE)
ffmpeg is vulnerable to remote code execution RCE attacks. A heap-based buffer overflow in libavformat/rtmppkt.c is caused by the failure to check for RTMP packet size mismatches. The resulted buffer overflow can be exploited by aligning chunks and by using a white-what-where condition to launch...