1
Candidate: CVE-2015-3417
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3417
5
http://seclists.org/fulldisclosure/2015/Apr/31
7
Use-after-free vulnerability in the ff_h264_free_tables function in
8
libavcodec/h264.c in FFmpeg before 2.3.6 allows remote attackers to cause a
9
denial of service or possibly have unspecified other impact via crafted
10
H.264 data in an MP4 file, as demonstrated by an HTML VIDEO element that
11
references H.264 data.
14
mdeslaur> doesn't appear to affected libav in precise
17
Discovered-by: Michal Zalewski
21
upstream: https://git.libav.org/?p=libav.git;a=commit;h=3b69f245dbe6e2016659a45c4bfe284f6c5ac57e
22
upstream: https://git.libav.org/?p=libav.git;a=commit;h=964fef3f3ced60e67831549df223bc177e1537c9
23
upstream_libav: released (11.4)
24
precise_libav: not-affected (4:0.8.17-0ubuntu0.12.04.1)
25
precise/esm_libav: DNE (precise was not-affected [4:0.8.17-0ubuntu0.12.04.1])
27
utopic_libav: ignored (reached end-of-life)
28
vivid_libav: ignored (reached end-of-life)
29
vivid/stable-phone-overlay_libav: DNE
30
vivid/ubuntu-core_libav: DNE
40
upstream: https://github.com/FFmpeg/FFmpeg/commit/e8714f6f93d1a32f4e4655209960afcf4c185214
41
upstream_ffmpeg: released (7:2.6.1-1)
42
lucid_ffmpeg: ignored (reached end-of-life)
44
precise/esm_ffmpeg: DNE
47
vivid_ffmpeg: not-affected (7:2.5.6-0ubuntu0.15.04.1)
48
vivid/stable-phone-overlay_ffmpeg: DNE
49
vivid/ubuntu-core_ffmpeg: DNE
50
wily_ffmpeg: not-affected
51
xenial_ffmpeg: not-affected
52
yakkety_ffmpeg: not-affected
53
zesty_ffmpeg: not-affected
54
artful_ffmpeg: not-affected
55
bionic_ffmpeg: not-affected
56
devel_ffmpeg: not-affected