CVE-2015-3417

Source
https://nvd.nist.gov/vuln/detail/CVE-2015-3417
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2015-3417.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2015-3417
Related
Published
2015-04-24T17:59:03Z
Modified
2024-09-11T02:00:06Z
Summary
[none]
Details

Use-after-free vulnerability in the ffh264free_tables function in libavcodec/h264.c in FFmpeg before 2.3.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted H.264 data in an MP4 file, as demonstrated by an HTML VIDEO element that references H.264 data.

References

Affected packages

Debian:11 / ffmpeg

Package

Name
ffmpeg
Purl
pkg:deb/debian/ffmpeg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7:2.6.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / ffmpeg

Package

Name
ffmpeg
Purl
pkg:deb/debian/ffmpeg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7:2.6.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / ffmpeg

Package

Name
ffmpeg
Purl
pkg:deb/debian/ffmpeg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7:2.6.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}