CVE-2017-11665

Source
https://nvd.nist.gov/vuln/detail/CVE-2017-11665
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-11665.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-11665
Downstream
Related
Published
2017-07-27T12:29:00Z
Modified
2025-10-14T16:04:35.921852Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

The ffamfgetfieldvalue function in libavformat/rtmppkt.c in FFmpeg 3.3.2 allows remote RTMP servers to cause a denial of service (Segmentation Violation and application crash) via a crafted stream.

References

Affected packages

Git / git.ffmpeg.org/ffmpeg.git

Affected ranges

Type
GIT
Repo
https://git.ffmpeg.org/ffmpeg.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Type
GIT
Repo
https://github.com/ffmpeg/ffmpeg
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

Other

N

n0.*

n0.11-dev
n0.12-dev
n0.8

n1.*

n1.1-dev
n1.2-dev
n1.3-dev

n2.*

n2.0
n2.1-dev
n2.2-dev
n2.3-dev
n2.4-dev
n2.5-dev
n2.6-dev
n2.7-dev
n2.8-dev
n2.9-dev

n3.*

n3.1-dev
n3.2-dev
n3.3-dev
n3.4-dev

Database specific

{
    "vanir_signatures": [
        {
            "id": "CVE-2017-11665-0d89a886",
            "signature_type": "Function",
            "target": {
                "file": "libavformat/rtmppkt.c",
                "function": "ff_amf_get_field_value"
            },
            "deprecated": false,
            "digest": {
                "length": 1070.0,
                "function_hash": "205183553060426722162948910966828745010"
            },
            "signature_version": "v1",
            "source": "https://github.com/ffmpeg/ffmpeg/commit/ffcc82219cef0928bed2d558b19ef6ea35634130"
        },
        {
            "id": "CVE-2017-11665-181b3913",
            "signature_type": "Line",
            "target": {
                "file": "libavformat/rtmppkt.c"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "119525829152138997229421386697400595611",
                    "283396624328612933114004597416357618974",
                    "181488021797294351772666678606023701183",
                    "99030858416895450986495950455119011784",
                    "60572819681354202887242357292224547816",
                    "169601564716927192136384883965722245915",
                    "159843864184572245935614350224258432393",
                    "217561154677970865326694428335219625270",
                    "108600268360251538217117002002746968746",
                    "27523953397817734013417872978574134604",
                    "334262269513359504466868541951666767841",
                    "217349619408935487478800810478961201670",
                    "304801868635384208211446204269863453525",
                    "261891116317099124807141659355652458438",
                    "275465435699393947434230754925417642288",
                    "240717570903843159786440288059888366611",
                    "65685587077186705489639070412769111721",
                    "8112520192307805805066635223116531757",
                    "221873647770180047993828271148339097536",
                    "257576898090867904546678772626444778839",
                    "140174415144897303455869467570803318703",
                    "40455327668967645867389292057126968177",
                    "299980427798791658133331000614728291519",
                    "86050754812393736678233543015244335030",
                    "25361513582980790802788250612190621265",
                    "116051176796753427053824882244807273270",
                    "94852604708976941193375822766174579851",
                    "233675127815310929592832098467349175105",
                    "104559840315978287012637920259768619286",
                    "227931011786941553363216470168043551174",
                    "187860873828140904427849752701216163101",
                    "322290209313302550632526325746032554113",
                    "131397126566865651611829997405169023628",
                    "224391512877024522496051628105612838762",
                    "286406197902499716700061401924551736481",
                    "184109972630909419930208712905787083312",
                    "6350249251361540581844437077664429900",
                    "297295444819886776360825326696600298970",
                    "122499222081181327446980199902297322960",
                    "172864001280102037275592545112240474898",
                    "314653519205647352213566912986301429793",
                    "139832291956838974679933695301419560403",
                    "96126795074133237260773814828403477743",
                    "114190792760955511666391802506147356439",
                    "201831490182197491574192230225028417722",
                    "212428909283657059081895132949458579804",
                    "129314191893069476401488578025520056545",
                    "20727953780339392078005514572039824710"
                ],
                "threshold": 0.9
            },
            "signature_version": "v1",
            "source": "https://github.com/ffmpeg/ffmpeg/commit/ffcc82219cef0928bed2d558b19ef6ea35634130"
        }
    ]
}