FFmpeg up to 3.3.3 SDP File rtpdec_h264.c sdp_parse_fmtp_config_h264 Parameter memory corruption

entryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical has been found in FFmpeg up to 3.3.3 (Multimedia Processing Software). This affects the function sdp_parse_fmtp_config_h264 of the file libavformat/rtpdec_h264.c of the component SDP File Handler. Upgrading to version 3.3.4 eliminates this vulnerability. A possible mitigation has been published 2 weeks after the disclosure of the vulnerability.

Field09/28/2017 08:57 AM11/20/2019 08:37 AM01/14/2021 03:21 PM
qualys_id176709176709176709
qualys_titleDebian Security Update for libav (DLA 1630-1)Debian Security Update for libav (DLA 1630-1)Debian Security Update for libav (DLA 1630-1)
seealso102891 102892 106023 106024 106025 106186 106187 109163 110184 112831 113935 121963 122085102891 102892 106023 106024 106025 106186 106187 109163 110184 112831 113935 121963 122085102891 102892 106023 106024 106025 106186 106187 109163 110184 112831 113935 121963 122085
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_rcUCUCUC
cvss3_vuldb_eXXX
cvss3_vuldb_rlOOO
cvss3_vuldb_rcUUU
reaction_days131313
0day_days343434
exposure_days131313
cvss3_nvd_basescore8.88.88.8
typeMultimedia Processing SoftwareMultimedia Processing SoftwareMultimedia Processing Software
nameFFmpegFFmpegFFmpeg
version<=3.3.3<=3.3.3<=3.3.3
componentSDP File HandlerSDP File HandlerSDP File Handler
filelibavformat/rtpdec_h264.clibavformat/rtpdec_h264.clibavformat/rtpdec_h264.c
functionsdp_parse_fmtp_config_h264sdp_parse_fmtp_config_h264sdp_parse_fmtp_config_h264
input_typeParameterParameterParameter
cwe119 (memory corruption)119 (memory corruption)119 (memory corruption)
risk222
cvss2_vuldb_basescore6.86.86.8
cvss2_vuldb_tempscore5.35.35.3
cvss2_vuldb_avNNN
cvss2_vuldb_acMMM
cvss2_vuldb_auNNN
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiPPP
cvss2_nvd_avNNN
cvss2_nvd_acMMM
cvss2_nvd_auNNN
cvss2_nvd_ciPPP
cvss2_nvd_iiPPP
cvss2_nvd_aiPPP
cvss3_meta_basescore8.08.08.0
cvss3_meta_tempscore7.07.07.0
cvss3_vuldb_basescore7.37.37.3
cvss3_vuldb_tempscore6.46.46.4
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prNNN
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aLLL
cvss3_nvd_avNNN
cvss3_nvd_acLLL
cvss3_nvd_prNNN
cvss3_nvd_uiRRR
cvss3_nvd_sUUU
cvss3_nvd_cHHH
cvss3_nvd_iHHH
cvss3_nvd_aHHH
date1506470400 (09/27/2017)1506470400 (09/27/2017)1506470400 (09/27/2017)
locationGitHub RepositoryGitHub RepositoryGitHub Repository
urlhttps://github.com/FFmpeg/FFmpeg/commit/c42a1388a6d1bfd8001bf6a4241d8ca27e49326dhttps://github.com/FFmpeg/FFmpeg/commit/c42a1388a6d1bfd8001bf6a4241d8ca27e49326dhttps://github.com/FFmpeg/FFmpeg/commit/c42a1388a6d1bfd8001bf6a4241d8ca27e49326d
price_0day$0-$5k$0-$5k$0-$5k
nameUpgradeUpgradeUpgrade
upgrade_version3.3.43.3.43.3.4
cveCVE-2017-14767CVE-2017-14767CVE-2017-14767
cve_assigned150647040015064704001506470400
cve_nvd_published150647040015064704001506470400
cve_nvd_summaryThe sdp_parse_fmtp_config_h264 function in libavformat/rtpdec_h264.c in FFmpeg before 3.3.4 mishandles empty sprop-parameter-sets values, which allows remote attackers to cause a denial of service (heap buffer overflow) or possibly have unspecified other impact via a crafted sdp file.The sdp_parse_fmtp_config_h264 function in libavformat/rtpdec_h264.c in FFmpeg before 3.3.4 mishandles empty sprop-parameter-sets values, which allows remote attackers to cause a denial of service (heap buffer overflow) or possibly have unspecified other impact via a crafted sdp file.The sdp_parse_fmtp_config_h264 function in libavformat/rtpdec_h264.c in FFmpeg before 3.3.4 mishandles empty sprop-parameter-sets values, which allows remote attackers to cause a denial of service (heap buffer overflow) or possibly have unspecified other impact via a crafted sdp file.
oval_idoval:org.cisecurity:def:3398oval:org.cisecurity:def:3398oval:org.cisecurity:def:3398
securityfocus101019101019101019
securityfocus_titleFFmpeg CVE-2017-14767 Heap Buffer Overflow VulnerabilityFFmpeg CVE-2017-14767 Heap Buffer Overflow VulnerabilityFFmpeg CVE-2017-14767 Heap Buffer Overflow Vulnerability
nessus_id103758103758103758
nessus_nameDebian DSA-3996-1 : ffmpeg - security updateDebian DSA-3996-1 : ffmpeg - security updateDebian DSA-3996-1 : ffmpeg - security update
nessus_filenamedebian_DSA-3996.nasldebian_DSA-3996.nasldebian_DSA-3996.nasl
nessus_riskHighHighHigh
nessus_familyDebian Local Security ChecksDebian Local Security ChecksDebian Local Security Checks
nessus_typelocallocallocal
nessus_date1507680000 (10/11/2017)1507680000 (10/11/2017)1507680000 (10/11/2017)
openvas_id533785337853378
openvas_filenamedeb_3996.nasldeb_3996.nasldeb_3996.nasl
openvas_titleDebian Security Advisory DSA 3996-1 (ffmpeg - security update)Debian Security Advisory DSA 3996-1 (ffmpeg - security update)Debian Security Advisory DSA 3996-1 (ffmpeg - security update)
openvas_familyDebian Local Security ChecksDebian Local Security ChecksDebian Local Security Checks
discoverydate15035328001503532800
confirm_urlhttps://github.com/FFmpeg/FFmpeg/commit/c42a1388a6d1bfd8001bf6a4241d8ca27e49326dhttps://github.com/FFmpeg/FFmpeg/commit/c42a1388a6d1bfd8001bf6a4241d8ca27e49326d
date1507593600 (10/10/2017)1507593600 (10/10/2017)
securityfocus_date1506470400 (09/27/2017)1506470400 (09/27/2017)
securityfocus_classBoundary Condition ErrorBoundary Condition Error
person_nameBingchang
cvss2_nvd_basescore6.8

Do you know our Splunk app?

Download it now for free!