0.002 Low
EPSS
Percentile
52.3%
The che_configure function in libavcodec/aacdec_template.c in FFmpeg before 3.2.1 allows remote attackers to cause a denial of service (allocation of huge memory, and being killed by the OS) via a crafted MOV file.
www.openwall.com/lists/oss-security/2016/12/08/1
github.com/FFmpeg/FFmpeg/commit/30581c51e72a7a7ea1572c1c6039f6e4c590a55c
launchpad.net/bugs/cve/CVE-2016-9561
nvd.nist.gov/vuln/detail/CVE-2016-9561
security-tracker.debian.org/tracker/CVE-2016-9561
www.cve.org/CVERecord?id=CVE-2016-9561