Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-14223

Опубликовано: 09 сент. 2017
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 7.1
CVSS3: 6.5

Описание

In libavformat/asfdec_f.c in FFmpeg 3.3.3, a DoS in asf_build_simple_index() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted ASF file, which claims a large "ict" field in the header but does not contain sufficient backing data, is provided, the for loop would consume huge CPU and memory resources, since there is no EOF check inside the loop.

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

7:3.3.4-1
cosmic

not-affected

7:3.3.4-1
devel

not-affected

7:3.3.4-1
esm-apps/bionic

not-affected

7:3.3.4-1
esm-apps/xenial

released

7:2.8.14-0ubuntu0.16.04.1
esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

not-affected

code not present
precise/esm

DNE

trusty

not-affected

code not present
trusty/esm

not-affected

code not present
upstream

needs-triage

vivid/ubuntu-core

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 74%
0.0085
Низкий

7.1 High

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2017-14223

CVSS3: 6.5
nvd
больше 8 лет назад

In libavformat/asfdec_f.c in FFmpeg 3.3.3, a DoS in asf_build_simple_index() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted ASF file, which claims a large "ict" field in the header but does not contain sufficient backing data, is provided, the for loop would consume huge CPU and memory resources, since there is no EOF check inside the loop.

debian логотип

CVE-2017-14223

CVSS3: 6.5
debian
больше 8 лет назад

In libavformat/asfdec_f.c in FFmpeg 3.3.3, a DoS in asf_build_simple_i ...

github логотип

GHSA-fhhh-rhfq-jf53

CVSS3: 6.5
github
больше 3 лет назад

In libavformat/asfdec_f.c in FFmpeg 3.3.3, a DoS in asf_build_simple_index() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted ASF file, which claims a large "ict" field in the header but does not contain sufficient backing data, is provided, the for loop would consume huge CPU and memory resources, since there is no EOF check inside the loop.

fstec логотип

BDU:2017-02297

CVSS3: 6.5
fstec
больше 8 лет назад

Уязвимость функции asf_build_simple_index() мультимедийной библиотеки FFmpeg (libavformat/asfdec_f.c), позволяющая нарушителю вызвать отказ в обслуживании

suse-cvrf логотип

openSUSE-SU-2017:2501-1

suse-cvrf
больше 8 лет назад

Security update for ffmpeg, ffmpeg2

EPSS

Процентиль: 74%
0.0085
Низкий

7.1 High

CVSS2

6.5 Medium

CVSS3