PT-2017-16285 · Google+2 · Google Chrome+2
Published
2017-03-09
·
Updated
2021-09-08
·
CVE-2017-5048
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Google Chrome versions prior to 57.0.2987.98 for Mac, Windows, and Linux
Google Chrome version prior to 57.0.2987.108 for Android
Opera (affected versions not specified)
Description
An integer overflow in FFmpeg allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to
ChunkDemuxer.Recommendations
For Google Chrome versions prior to 57.0.2987.98 for Mac, Windows, and Linux, update to version 57.0.2987.98 or later.
For Google Chrome version prior to 57.0.2987.108 for Android, update to version 57.0.2987.108 or later.
For Opera, at the moment, there is no information about a newer version that contains a fix for this issue.
Fix
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ffmpeg
Google Chrome
Opera