CVE-2015-8271

Published: 13 April 2017

The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to execute arbitrary code.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
rtmpdump
Launchpad, Ubuntu, Debian
Upstream
Released (2.4+20151223.gitfa8646d.1-1)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (2.4+20151223.gitfa8646d-1ubuntu0.1)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (2.4+20121230.gitdf6c518-1ubuntu0.1)
Patches:
Upstream: http://git.ffmpeg.org/gitweb/rtmpdump.git/commitdiff/39ec7eda489717d503bc4cbfaa591c93205695b6
Upstream: http://git.ffmpeg.org/gitweb/rtmpdump.git/commitdiff/530f9bb2a02a78c1198fb2bf0293a12d225e4691