Denial of Service Vulnerability in FFmpeg 2.4 and 3.3.3

Denial of Service Vulnerability in FFmpeg 2.4 and 3.3.3

CVE-2017-14058 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

In FFmpeg 2.4 and 3.3.3, the read_data function in libavformat/hls.c does not restrict reload attempts for an insufficient list, which allows remote attackers to cause a denial of service (infinite loop).

Learn more about our Web Application Penetration Testing UK.