CVE-2017-14055 in FFmpeginfo

Zusammenfassung (Englisch)

In libavformat/mvdec.c in FFmpeg 3.3.3, a DoS in mv_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted MV file, which claims a large "nb_frames" field in the header but does not contain sufficient backing data, is provided, the loop over the frames would consume huge CPU and memory resources, since there is no EOF check inside the loop.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservieren

31.08.2017

Veröffentlichung

31.08.2017

Status

Bestätigt

Einträge

VulDB provides additional information and datapoints for this CVE:

IDSchwachstelleCWEAusMasCVE
106023FFmpeg mvdec.c mv_read_header Denial of Service399Nicht definiertOffizieller FixCVE-2017-14055

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

ZurückÜbersichtWeiter

Want to know what is going to be exploited?

We predict KEV entries!