PT-2016-5349 · Libav+1 · Libav+1
Publicado
2016-06-14
·
Atualizado
2024-06-15
·
CVE-2016-3062
CVSS v3.1
8.8
Alta
| Vetor | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Libav versions prior to 11.7
FFmpeg versions prior to 0.11
Description
The issue allows remote attackers to cause a denial of service or execute arbitrary code via the entries value in a dref box in an MP4 file. This is due to a problem in the mov read dref function in libavformat/mov.c.
Recommendations
For Libav versions prior to 11.7, update to version 11.7 or later.
For FFmpeg versions prior to 0.11, update to version 0.11 or later.
Correção
DoS
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ffmpeg
Libav