CVE-2016-10191

high-risk
Published 2017-02-09

Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check for RTMP packet size mismatches.

Do I need to act?

~
8.7% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
+
Fix available
Upgrade to: 7d57ca4d9a75562fa32e40766211de150f8b3ee7
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (14)

Affected Vendors

Ffmpeg

References (12)

Mailing List http://www.openwall.com/lists/oss-security/2017/01/31/12
Mailing List http://www.openwall.com/lists/oss-security/2017/02/02/1
http://www.securityfocus.com/bid/95989
Release Notes https://ffmpeg.org/security.html
Patch https://github.com/FFmpeg/FFmpeg/commit/7d57ca4d9a75562fa32e40766211de150f8b3ee7
https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html
Mailing List http://www.openwall.com/lists/oss-security/2017/01/31/12
Mailing List http://www.openwall.com/lists/oss-security/2017/02/02/1
http://www.securityfocus.com/bid/95989
Release Notes https://ffmpeg.org/security.html
Patch https://github.com/FFmpeg/FFmpeg/commit/7d57ca4d9a75562fa32e40766211de150f8b3ee7
https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html
60
/ 100
high-risk
Severity 32/34 · Critical
Exploitability 10/34 · Low
Exposure 18/34 · Moderate