CVE-2016-10190

Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote web servers to execute arbitrary code via a negative chunk size in an HTTP response.
Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector
NIST | NIST | 9.8 CRITICAL | NETWORK | LOW | NONE | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitre | CNA | --- | ---
CVE | ADP | --- | ---
EPSS Score: Percentile: 96%
Vendor | Product | Version
ffmpeg | ffmpeg | 𝑥 ≤ 2.8.9
ffmpeg | ffmpeg | 3.0
ffmpeg | ffmpeg | 3.0.1
ffmpeg | ffmpeg | 3.0.2
ffmpeg | ffmpeg | 3.0.3
ffmpeg | ffmpeg | 3.0.4
ffmpeg | ffmpeg | 3.1
ffmpeg | ffmpeg | 3.1.1
ffmpeg | ffmpeg | 3.1.2
ffmpeg | ffmpeg | 3.1.3
ffmpeg | ffmpeg | 3.1.4
ffmpeg | ffmpeg | 3.1.5
ffmpeg | ffmpeg | 3.2
ffmpeg | ffmpeg | 3.2.1
𝑥 = Vulnerable software versions
Debian Releases
Debian Product | Codename | Version | Status
ffmpeg | bullseye | 7:4.3.7-0+deb11u1 | fixed
ffmpeg | bullseye (security) | 7:4.3.8-0+deb11u1 | fixed
ffmpeg | bookworm | 7:5.1.6-0+deb12u1 | fixed
ffmpeg | bookworm (security) | 7:5.1.6-0+deb12u1 | fixed
ffmpeg | sid | 7:7.1-3 | fixed
ffmpeg | trixie | 7:7.1-3 | fixed
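Ubuntu Releases
Ubuntu Product | Codename | Status
ffmpeg | bionic | not-affected
ffmpeg | artful | not-affected
ffmpeg | zesty | not-affected
ffmpeg | yakkety | ignored
ffmpeg | xenial | released (Fixed 7:2.8.11-0ubuntu0.16.04.1)
ffmpeg | trusty | dne
ffmpeg | precise | dne
libav | bionic | dne
libav | artful | dne
libav | zesty | dne
libav | yakkety | dne
libav | xenial | dne
libav | trusty | ignored
libav | precise | ignored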