VDB-107181 · CVE-2017-14767 · BID 101019

FFmpeg up to 3.3.3 SDP File rtpdec_h264.c sdp_parse_fmtp_config_h264 Parameter memory corruption

A vulnerability classified as critical has been found in FFmpeg up to 3.3.3 (Multimedia Processing Software). This affects the function sdp_parse_fmtp_config_h264 of the file libavformat/rtpdec_h264.c of the component SDP File Handler. Upgrading to version 3.3.4 eliminates this vulnerability. A possible mitigation has been published 2 weeks after the disclosure of the vulnerability.

Field	09/28/2017 08:57 AM	11/20/2019 08:37 AM	01/14/2021 03:21 PM
qualys_id	176709	176709	176709
qualys_title	Debian Security Update for libav (DLA 1630-1)	Debian Security Update for libav (DLA 1630-1)	Debian Security Update for libav (DLA 1630-1)
seealso	102891 102892 106023 106024 106025 106186 106187 109163 110184 112831 113935 121963 122085	102891 102892 106023 106024 106025 106186 106187 109163 110184 112831 113935 121963 122085	102891 102892 106023 106024 106025 106186 106187 109163 110184 112831 113935 121963 122085
cvss2_vuldb_e	ND	ND	ND
cvss2_vuldb_rl	OF	OF	OF
cvss2_vuldb_rc	UC	UC	UC
cvss3_vuldb_e	X	X	X
cvss3_vuldb_rl	O	O	O
cvss3_vuldb_rc	U	U	U
reaction_days	13	13	13
0day_days	34	34	34
exposure_days	13	13	13
cvss3_nvd_basescore	8.8	8.8	8.8
type	Multimedia Processing Software	Multimedia Processing Software	Multimedia Processing Software
name	FFmpeg	FFmpeg	FFmpeg
version	<=3.3.3	<=3.3.3	<=3.3.3
component	SDP File Handler	SDP File Handler	SDP File Handler
file	libavformat/rtpdec_h264.c	libavformat/rtpdec_h264.c	libavformat/rtpdec_h264.c
function	sdp_parse_fmtp_config_h264	sdp_parse_fmtp_config_h264	sdp_parse_fmtp_config_h264
input_type	Parameter	Parameter	Parameter
cwe	119 (memory corruption)	119 (memory corruption)	119 (memory corruption)
risk	2	2	2
cvss2_vuldb_basescore	6.8	6.8	6.8
cvss2_vuldb_tempscore	5.3	5.3	5.3
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	M	M	M
cvss2_vuldb_au	N	N	N
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	P	P	P
cvss2_nvd_av	N	N	N
cvss2_nvd_ac	M	M	M
cvss2_nvd_au	N	N	N
cvss2_nvd_ci	P	P	P
cvss2_nvd_ii	P	P	P
cvss2_nvd_ai	P	P	P
cvss3_meta_basescore	8.0	8.0	8.0
cvss3_meta_tempscore	7.0	7.0	7.0
cvss3_vuldb_basescore	7.3	7.3	7.3
cvss3_vuldb_tempscore	6.4	6.4	6.4
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	N	N	N
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	L	L	L
cvss3_nvd_av	N	N	N
cvss3_nvd_ac	L	L	L
cvss3_nvd_pr	N	N	N
cvss3_nvd_ui	R	R	R
cvss3_nvd_s	U	U	U
cvss3_nvd_c	H	H	H
cvss3_nvd_i	H	H	H
cvss3_nvd_a	H	H	H
date	1506470400 (09/27/2017)	1506470400 (09/27/2017)	1506470400 (09/27/2017)
location	GitHub Repository	GitHub Repository	GitHub Repository
url	https://github.com/FFmpeg/FFmpeg/commit/c42a1388a6d1bfd8001bf6a4241d8ca27e49326d	https://github.com/FFmpeg/FFmpeg/commit/c42a1388a6d1bfd8001bf6a4241d8ca27e49326d	https://github.com/FFmpeg/FFmpeg/commit/c42a1388a6d1bfd8001bf6a4241d8ca27e49326d
price_0day	$0-$5k	$0-$5k	$0-$5k
name	Upgrade	Upgrade	Upgrade
upgrade_version	3.3.4	3.3.4	3.3.4
cve	CVE-2017-14767	CVE-2017-14767	CVE-2017-14767
cve_assigned	1506470400	1506470400	1506470400
cve_nvd_published	1506470400	1506470400	1506470400
cve_nvd_summary	The sdp_parse_fmtp_config_h264 function in libavformat/rtpdec_h264.c in FFmpeg before 3.3.4 mishandles empty sprop-parameter-sets values, which allows remote attackers to cause a denial of service (heap buffer overflow) or possibly have unspecified other impact via a crafted sdp file.	The sdp_parse_fmtp_config_h264 function in libavformat/rtpdec_h264.c in FFmpeg before 3.3.4 mishandles empty sprop-parameter-sets values, which allows remote attackers to cause a denial of service (heap buffer overflow) or possibly have unspecified other impact via a crafted sdp file.	The sdp_parse_fmtp_config_h264 function in libavformat/rtpdec_h264.c in FFmpeg before 3.3.4 mishandles empty sprop-parameter-sets values, which allows remote attackers to cause a denial of service (heap buffer overflow) or possibly have unspecified other impact via a crafted sdp file.
oval_id	oval:org.cisecurity:def:3398	oval:org.cisecurity:def:3398	oval:org.cisecurity:def:3398
securityfocus	101019	101019	101019
securityfocus_title	FFmpeg CVE-2017-14767 Heap Buffer Overflow Vulnerability	FFmpeg CVE-2017-14767 Heap Buffer Overflow Vulnerability	FFmpeg CVE-2017-14767 Heap Buffer Overflow Vulnerability
nessus_id	103758	103758	103758
nessus_name	Debian DSA-3996-1 : ffmpeg - security update	Debian DSA-3996-1 : ffmpeg - security update	Debian DSA-3996-1 : ffmpeg - security update
nessus_filename	debian_DSA-3996.nasl	debian_DSA-3996.nasl	debian_DSA-3996.nasl
nessus_risk	High	High	High
nessus_family	Debian Local Security Checks	Debian Local Security Checks	Debian Local Security Checks
nessus_type	local	local	local
nessus_date	1507680000 (10/11/2017)	1507680000 (10/11/2017)	1507680000 (10/11/2017)
openvas_id	53378	53378	53378
openvas_filename	deb_3996.nasl	deb_3996.nasl	deb_3996.nasl
openvas_title	Debian Security Advisory DSA 3996-1 (ffmpeg - security update)	Debian Security Advisory DSA 3996-1 (ffmpeg - security update)	Debian Security Advisory DSA 3996-1 (ffmpeg - security update)
openvas_family	Debian Local Security Checks	Debian Local Security Checks	Debian Local Security Checks
discoverydate		1503532800	1503532800
confirm_url		https://github.com/FFmpeg/FFmpeg/commit/c42a1388a6d1bfd8001bf6a4241d8ca27e49326d	https://github.com/FFmpeg/FFmpeg/commit/c42a1388a6d1bfd8001bf6a4241d8ca27e49326d
date		1507593600 (10/10/2017)	1507593600 (10/10/2017)
securityfocus_date		1506470400 (09/27/2017)	1506470400 (09/27/2017)
securityfocus_class		Boundary Condition Error	Boundary Condition Error
person_name			Bingchang
cvss2_nvd_basescore			6.8

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!