Vulnerabilities > CVE-2016-7122 - Resource Management Errors vulnerability in Ffmpeg
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
The avi_read_nikon function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to infinite loop when it decodes an AVI file that has a crafted 'nctg' structure.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
| NASL family | Gentoo Local Security Checks |
| NASL id | GENTOO_GLSA-201701-71.NASL |
| description | The remote host is affected by the vulnerability described in GLSA-201701-71 (FFmpeg: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in FFmpeg. Please review the CVE identifiers referenced below for details. Impact : Remote attackers could cause a Denial of Service condition via various crafted media file types or have other unspecified impacts. Workaround : There is no known workaround at this time. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 96857 |
| published | 2017-01-30 |
| reporter | This script is Copyright (C) 2017 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/96857 |
| title | GLSA-201701-71 : FFmpeg: Multiple vulnerabilities |