Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2016-1898
Description:FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains an arbitrary line of a local file.
Test IDs: None available
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2016-1898
BugTraq ID: 80501
http://www.securityfocus.com/bid/80501
CERT/CC vulnerability note: VU#772447
https://www.kb.cert.org/vuls/id/772447
Debian Security Information: DSA-3506 (Google Search)
http://www.debian.org/security/2016/dsa-3506
https://security.gentoo.org/glsa/201606-09
https://security.gentoo.org/glsa/201705-08
http://habrahabr.ru/company/mailru/blog/274855
http://www.openwall.com/lists/oss-security/2016/01/14/1
http://www.securitytracker.com/id/1034932
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.529036
SuSE Security Announcement: openSUSE-SU-2016:0243 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html
http://www.ubuntu.com/usn/USN-2944-1




© 1998-2024 E-Soft Inc. All rights reserved.