{"id": "UB:CVE-2017-11719", "vendorId": null, "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2017-11719", "description": "The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg 3.0\nthrough 3.3.2 allows remote attackers to cause a denial of service\n(out-of-array access) or possibly have unspecified other impact via a\ncrafted DNxHD file.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[ebarretto](<https://launchpad.net/~ebarretto>) | This CVE doesn't seem to affect xenial as the code differ a little and some steps are not done in xenial version.\n", "published": "2017-07-28T00:00:00", "modified": "2017-07-28T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "href": "https://ubuntu.com/security/CVE-2017-11719", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11719", "https://nvd.nist.gov/vuln/detail/CVE-2017-11719", "https://launchpad.net/bugs/cve/CVE-2017-11719", "https://security-tracker.debian.org/tracker/CVE-2017-11719"], "cvelist": ["CVE-2017-11719"], "immutableFields": [], "lastseen": "2021-11-22T21:41:03", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2017-11719"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3957-1:0A2B6", "DEBIAN:DSA-3957-1:25D72"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-11719"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-3957.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703957"]}], "rev": 4}, "score": {"value": 6.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2017-11719"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3957-1:25D72"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-11719"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-3957.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703957"]}]}, "exploitation": null, "vulnersScore": 6.1}, "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "ffmpeg"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needs triage", "packageName": "libav"}], "bugs": [], "_state": {"dependencies": 1645977127}}

{"cve": [{"lastseen": "2022-03-23T12:39:03", "description": "The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a crafted DNxHD file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-07-28T05:29:00", "type": "cve", "title": "CVE-2017-11719", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11719"], "modified": "2021-01-04T22:15:00", "cpe": ["cpe:/a:ffmpeg:ffmpeg:3.3.2"], "id": "CVE-2017-11719", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11719", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:ffmpeg:ffmpeg:3.3.2:*:*:*:*:*:*:*"]}], "debiancve": [{"lastseen": "2022-04-24T07:38:07", "description": "The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a crafted DNxHD file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-07-28T05:29:00", "type": "debiancve", "title": "CVE-2017-11719", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11719"], "modified": "2017-07-28T05:29:00", "id": "DEBIANCVE:CVE-2017-11719", "href": "https://security-tracker.debian.org/tracker/CVE-2017-11719", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:34:17", "description": "Several vulnerabilities have been discovered in FFmpeg, a multimedia\nplayer, server and encoder. These issues could lead to Denial-of-Service\nand, in some situation, the execution of arbitrary code.\n\nCVE-2017-9608\nYihan Lian of Qihoo 360 GearTeam discovered a NULL pointer access when\nparsing a crafted MOV file.\n\nCVE-2017-9993\nThierry Foucu discovered that it was possible to leak information from\nfiles and symlinks ending in common multimedia extensions, using the\nHTTP Live Streaming.\n\nCVE-2017-11399\nLiu Bingchang of IIE discovered an integer overflow in the APE decoder\nthat can be triggered by a crafted APE file.\n\nCVE-2017-11665\nJunDong Xie of Ant-financial Light-Year Security Lab discovered that\nan attacker able to craft a RTMP stream can crash FFmpeg.\n\nCVE-2017-11719\nLiu Bingchang of IIE discovered an out-of-bound access that can be\ntriggered by a crafted DNxHD file.", "cvss3": {}, "published": "2017-08-28T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3957-1 (ffmpeg - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9993", "CVE-2017-9608", "CVE-2017-11665", "CVE-2017-11719", "CVE-2017-11399"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703957", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703957", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: deb_3957.nasl 14280 2019-03-18 14:50:45Z cfischer $\n#\n# Auto-generated from advisory DSA 3957-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703957\");\n script_version(\"$Revision: 14280 $\");\n script_cve_id(\"CVE-2017-11399\", \"CVE-2017-11665\", \"CVE-2017-11719\", \"CVE-2017-9608\", \"CVE-2017-9993\");\n script_name(\"Debian Security Advisory DSA 3957-1 (ffmpeg - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:50:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-08-28 00:00:00 +0200 (Mon, 28 Aug 2017)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2017/dsa-3957.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"ffmpeg on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 7:3.2.7-1~deb9u1.\n\nWe recommend that you upgrade your ffmpeg packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in FFmpeg, a multimedia\nplayer, server and encoder. These issues could lead to Denial-of-Service\nand, in some situation, the execution of arbitrary code.\n\nCVE-2017-9608\nYihan Lian of Qihoo 360 GearTeam discovered a NULL pointer access when\nparsing a crafted MOV file.\n\nCVE-2017-9993\nThierry Foucu discovered that it was possible to leak information from\nfiles and symlinks ending in common multimedia extensions, using the\nHTTP Live Streaming.\n\nCVE-2017-11399\nLiu Bingchang of IIE discovered an integer overflow in the APE decoder\nthat can be triggered by a crafted APE file.\n\nCVE-2017-11665\nJunDong Xie of Ant-financial Light-Year Security Lab discovered that\nan attacker able to craft a RTMP stream can crash FFmpeg.\n\nCVE-2017-11719\nLiu Bingchang of IIE discovered an out-of-bound access that can be\ntriggered by a crafted DNxHD file.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"ffmpeg\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ffmpeg-doc\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libav-tools\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavcodec-dev\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavcodec-extra\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavcodec-extra57\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavcodec57\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavdevice-dev\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavdevice57\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavfilter-dev\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavfilter-extra\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavfilter-extra6\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavfilter6\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavformat-dev\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavformat57\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavresample-dev\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavresample3\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavutil-dev\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libavutil55\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libpostproc-dev\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libpostproc54\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libswresample-dev\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libswresample2\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libswscale-dev\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libswscale4\", ver:\"7:3.2.7-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-08-19T12:35:21", "description": "Several vulnerabilities have been discovered in FFmpeg, a multimedia player, server and encoder. These issues could lead to Denial-of-Service and, in some situation, the execution of arbitrary code.\n\n - CVE-2017-9608 Yihan Lian of Qihoo 360 GearTeam discovered a NULL pointer access when parsing a crafted MOV file.\n\n - CVE-2017-9993 Thierry Foucu discovered that it was possible to leak information from files and symlinks ending in common multimedia extensions, using the HTTP Live Streaming.\n\n - CVE-2017-11399 Liu Bingchang of IIE discovered an integer overflow in the APE decoder that can be triggered by a crafted APE file.\n\n - CVE-2017-11665 JunDong Xie of Ant-financial Light-Year Security Lab discovered that an attacker able to craft a RTMP stream can crash FFmpeg.\n\n - CVE-2017-11719 Liu Bingchang of IIE discovered an out-of-bound access that can be triggered by a crafted DNxHD file.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2017-08-29T00:00:00", "type": "nessus", "title": "Debian DSA-3957-1 : ffmpeg - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-11399", "CVE-2017-11665", "CVE-2017-11719", "CVE-2017-9608", "CVE-2017-9993"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:ffmpeg", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-3957.NASL", "href": "https://www.tenable.com/plugins/nessus/102807", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3957. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(102807);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-11399\", \"CVE-2017-11665\", \"CVE-2017-11719\", \"CVE-2017-9608\", \"CVE-2017-9993\");\n script_xref(name:\"DSA\", value:\"3957\");\n\n script_name(english:\"Debian DSA-3957-1 : ffmpeg - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in FFmpeg, a multimedia\nplayer, server and encoder. These issues could lead to\nDenial-of-Service and, in some situation, the execution of arbitrary\ncode.\n\n - CVE-2017-9608\n Yihan Lian of Qihoo 360 GearTeam discovered a NULL\n pointer access when parsing a crafted MOV file.\n\n - CVE-2017-9993\n Thierry Foucu discovered that it was possible to leak\n information from files and symlinks ending in common\n multimedia extensions, using the HTTP Live Streaming.\n\n - CVE-2017-11399\n Liu Bingchang of IIE discovered an integer overflow in\n the APE decoder that can be triggered by a crafted APE\n file.\n\n - CVE-2017-11665\n JunDong Xie of Ant-financial Light-Year Security Lab\n discovered that an attacker able to craft a RTMP stream\n can crash FFmpeg.\n\n - CVE-2017-11719\n Liu Bingchang of IIE discovered an out-of-bound access\n that can be triggered by a crafted DNxHD file.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-9608\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-9993\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-11399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-11665\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-11719\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/ffmpeg\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2017/dsa-3957\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the ffmpeg packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 7:3.2.7-1~deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ffmpeg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"ffmpeg\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"ffmpeg-doc\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libav-tools\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libavcodec-dev\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libavcodec-extra\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libavcodec-extra57\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libavcodec57\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libavdevice-dev\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libavdevice57\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libavfilter-dev\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libavfilter-extra\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libavfilter-extra6\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libavfilter6\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libavformat-dev\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libavformat57\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libavresample-dev\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libavresample3\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libavutil-dev\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libavutil55\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpostproc-dev\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpostproc54\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libswresample-dev\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libswresample2\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libswscale-dev\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libswscale4\", reference:\"7:3.2.7-1~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2021-10-21T21:56:23", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3957-1 security@debian.org\nhttps://www.debian.org/security/ Luciano Bello\nAugust 28, 2017 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : ffmpeg\nCVE ID : CVE-2017-9608 CVE-2017-9993 CVE-2017-11399 CVE-2017-11665 \n CVE-2017-11719\n\nSeveral vulnerabilities have been discovered in FFmpeg, a multimedia\nplayer, server and encoder. These issues could lead to Denial-of-Service\nand, in some situation, the execution of arbitrary code.\n\nCVE-2017-9608\n\n Yihan Lian of Qihoo 360 GearTeam discovered a NULL pointer access when\n parsing a crafted MOV file.\n\nCVE-2017-9993\n\n Thierry Foucu discovered that it was possible to leak information from\n files and symlinks ending in common multimedia extensions, using the\n HTTP Live Streaming.\n\nCVE-2017-11399\n\n Liu Bingchang of IIE discovered an integer overflow in the APE decoder\n that can be triggered by a crafted APE file.\n\nCVE-2017-11665\n\n JunDong Xie of Ant-financial Light-Year Security Lab discovered that\n an attacker able to craft a RTMP stream can crash FFmpeg.\n\nCVE-2017-11719\n\n Liu Bingchang of IIE discovered an out-of-bound access that can be\n triggered by a crafted DNxHD file. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 7:3.2.7-1~deb9u1.\n\nWe recommend that you upgrade your ffmpeg packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-08-28T20:49:57", "type": "debian", "title": "[SECURITY] [DSA 3957-1] ffmpeg security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11399", "CVE-2017-11665", "CVE-2017-11719", "CVE-2017-9608", "CVE-2017-9993"], "modified": "2017-08-28T20:49:57", "id": "DEBIAN:DSA-3957-1:0A2B6", "href": "https://lists.debian.org/debian-security-announce/2017/msg00219.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T00:14:03", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3957-1 security@debian.org\nhttps://www.debian.org/security/ Luciano Bello\nAugust 28, 2017 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : ffmpeg\nCVE ID : CVE-2017-9608 CVE-2017-9993 CVE-2017-11399 CVE-2017-11665 \n CVE-2017-11719\n\nSeveral vulnerabilities have been discovered in FFmpeg, a multimedia\nplayer, server and encoder. These issues could lead to Denial-of-Service\nand, in some situation, the execution of arbitrary code.\n\nCVE-2017-9608\n\n Yihan Lian of Qihoo 360 GearTeam discovered a NULL pointer access when\n parsing a crafted MOV file.\n\nCVE-2017-9993\n\n Thierry Foucu discovered that it was possible to leak information from\n files and symlinks ending in common multimedia extensions, using the\n HTTP Live Streaming.\n\nCVE-2017-11399\n\n Liu Bingchang of IIE discovered an integer overflow in the APE decoder\n that can be triggered by a crafted APE file.\n\nCVE-2017-11665\n\n JunDong Xie of Ant-financial Light-Year Security Lab discovered that\n an attacker able to craft a RTMP stream can crash FFmpeg.\n\nCVE-2017-11719\n\n Liu Bingchang of IIE discovered an out-of-bound access that can be\n triggered by a crafted DNxHD file. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 7:3.2.7-1~deb9u1.\n\nWe recommend that you upgrade your ffmpeg packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-08-28T20:49:57", "type": "debian", "title": "[SECURITY] [DSA 3957-1] ffmpeg security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11399", "CVE-2017-11665", "CVE-2017-11719", "CVE-2017-9608", "CVE-2017-9993"], "modified": "2017-08-28T20:49:57", "id": "DEBIAN:DSA-3957-1:25D72", "href": "https://lists.debian.org/debian-security-announce/2017/msg00219.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}