PT-2017-7372 · Rtmpdump+1 · Rtmpdump+1

Dave Mcdaniel

·

Published

2017-04-13

·

Updated

2017-11-04

·

CVE-2015-8271

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions RTMPDump version 2.4
Description The issue allows remote RTMP Media servers to execute arbitrary code via the AMF3CD AddProp function in amf.c.
Recommendations For RTMPDump version 2.4, at the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-123

Related Identifiers

CVE-2015-8271
DLA-917-1
DSA-3850-1
USN-3283-1
USN-3283-2

Affected Products

Rtmpdump
Ubuntu