Candidate: CVE-2017-15672
PublicDate: 2017-11-06 17:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15672
Description:
 The read_header function in libavcodec/ffv1dec.c in FFmpeg 2.4 and 3.3.4
 and possibly earlier allows remote attackers to have unspecified impact via
 a crafted MP4 file, which triggers an out-of-bounds read.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH]


Patches_libav:
upstream_libav: needs-triage
precise/esm_libav: DNE
trusty_libav: ignored (reached end-of-life)
trusty/esm_libav: DNE (trusty was needed)
xenial_libav: DNE
zesty_libav: DNE
artful_libav: DNE
bionic_libav: DNE
cosmic_libav: DNE
disco_libav: DNE
devel_libav: DNE

Patches_ffmpeg:
upstream_ffmpeg: needs-triage
precise/esm_ffmpeg: DNE
trusty_ffmpeg: DNE
trusty/esm_ffmpeg: DNE
xenial_ffmpeg: released (7:2.8.14-0ubuntu0.16.04.1)
zesty_ffmpeg: ignored (reached end-of-life)
artful_ffmpeg: ignored (reached end-of-life)
bionic_ffmpeg: not-affected (7:3.4-1)
cosmic_ffmpeg: not-affected (7:3.4-1)
disco_ffmpeg: not-affected (7:3.4-1)
devel_ffmpeg: not-affected (7:3.4-1)