Wind River Support Network

HomeDefectsLIN9-4517
Fixed

LIN9-4517 : Security Advisory - ffmpeg - CVE-2017-9993

Created: Jun 29, 2017    Updated: Dec 3, 2018
Resolved Date: Aug 2, 2017
Found In Version: 9.0.0.7
Fix Version: 9.0.0.9
Severity: Standard
Applicable for: Wind River Linux 9
Component/s: Userspace

Description

FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before 3.2.6, and 3.3.x before 3.3.2 does not properly restrict HTTP Live Streaming filename extensions and demuxer names, which allows attackers to read arbitrary files via crafted playlist data.

https://nvd.nist.gov/vuln/detail/CVE-2017-9993

Other Downloads

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube