The ffamfgetfieldvalue function in libavformat/rtmppkt.c in FFmpeg 3.3.2 allows remote RTMP servers to cause a denial of service (Segmentation Violation and application crash) via a crafted stream.
[
{
"source": "https://github.com/ffmpeg/ffmpeg/commit/ffcc82219cef0928bed2d558b19ef6ea35634130",
"id": "CVE-2017-11665-0d89a886",
"deprecated": false,
"signature_version": "v1",
"target": {
"function": "ff_amf_get_field_value",
"file": "libavformat/rtmppkt.c"
},
"digest": {
"length": 1070.0,
"function_hash": "205183553060426722162948910966828745010"
},
"signature_type": "Function"
},
{
"source": "https://github.com/ffmpeg/ffmpeg/commit/ffcc82219cef0928bed2d558b19ef6ea35634130",
"id": "CVE-2017-11665-181b3913",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "libavformat/rtmppkt.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"119525829152138997229421386697400595611",
"283396624328612933114004597416357618974",
"181488021797294351772666678606023701183",
"99030858416895450986495950455119011784",
"60572819681354202887242357292224547816",
"169601564716927192136384883965722245915",
"159843864184572245935614350224258432393",
"217561154677970865326694428335219625270",
"108600268360251538217117002002746968746",
"27523953397817734013417872978574134604",
"334262269513359504466868541951666767841",
"217349619408935487478800810478961201670",
"304801868635384208211446204269863453525",
"261891116317099124807141659355652458438",
"275465435699393947434230754925417642288",
"240717570903843159786440288059888366611",
"65685587077186705489639070412769111721",
"8112520192307805805066635223116531757",
"221873647770180047993828271148339097536",
"257576898090867904546678772626444778839",
"140174415144897303455869467570803318703",
"40455327668967645867389292057126968177",
"299980427798791658133331000614728291519",
"86050754812393736678233543015244335030",
"25361513582980790802788250612190621265",
"116051176796753427053824882244807273270",
"94852604708976941193375822766174579851",
"233675127815310929592832098467349175105",
"104559840315978287012637920259768619286",
"227931011786941553363216470168043551174",
"187860873828140904427849752701216163101",
"322290209313302550632526325746032554113",
"131397126566865651611829997405169023628",
"224391512877024522496051628105612838762",
"286406197902499716700061401924551736481",
"184109972630909419930208712905787083312",
"6350249251361540581844437077664429900",
"297295444819886776360825326696600298970",
"122499222081181327446980199902297322960",
"172864001280102037275592545112240474898",
"314653519205647352213566912986301429793",
"139832291956838974679933695301419560403",
"96126795074133237260773814828403477743",
"114190792760955511666391802506147356439",
"201831490182197491574192230225028417722",
"212428909283657059081895132949458579804",
"129314191893069476401488578025520056545",
"20727953780339392078005514572039824710"
]
},
"signature_type": "Line"
}
]