FFmpeg CVE-2017-9995 Multiple Heap Buffer Overflow Vulnerabilities

FFmpeg is prone to multiple heap-based buffer overflow vulnerabilities.

Successfully exploiting these issues allow remote attackers to crash the affected application, denying service to legitimate users. Due to the nature of this issue, code execution may be possible but this has not been confirmed.

FFmpeg 3.3 is vulnerable.

Information

Bugtraq ID: 99320
Class: Boundary Condition Error
CVE: CVE-2017-9995

Remote: Yes
Local: No
Published: Jun 28 2017 12:00AM
Updated: Jun 28 2017 12:00AM
Credit: The vendor reported this issue.
Vulnerable: FFmpeg FFmpeg 3.3

Not Vulnerable: FFmpeg FFmpeg 3.3.1

Exploit

The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

References:

avcodec/scpr: Check y in first line loop in decompress_i() (FFmpeg)
avcodec/scpr: Fix multiple runtime error: index 256 out of bounds forâ?¦ (FFmpeg)
FFmpeg Homepage (FFmpeg)
Reproducing OSS-Fuzz issues (Google)
ffmpeg: Heap-buffer-overflow in decompress_i (Chromium)
ffmpeg: Index-out-of-bounds in decode_unit (Chromium)

Source: www.securityfocus.com

Exploit Collector

Search Exploit