Your submission was sent successfully! Close

CVE-2017-5024

Published: 27 January 2017

FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file.

Priority

Medium

CVSS 3 base score: 5.5

Status

Package Release Status
chromium-browser
Launchpad, Ubuntu, Debian
artful
Released (56.0.2924.76-0ubuntu2.1343)
bionic
Released (56.0.2924.76-0ubuntu2.1343)
precise Does not exist
(precise was ignored)
trusty Does not exist
(trusty was released [58.0.3029.81-0ubuntu0.14.04.1172])
upstream
Released (56.0.2924.76)
xenial
Released (56.0.2924.76-0ubuntu0.16.04.1268)
yakkety
Released (56.0.2924.76-0ubuntu0.16.10.1335)
zesty
Released (56.0.2924.76-0ubuntu2.1343)
ffmpeg
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Not vulnerable
(7:3.2.4-1)
precise Does not exist

trusty Does not exist

upstream Needs triage

xenial
Released (7:2.8.11-0ubuntu0.16.04.1)
yakkety
Released (7:3.0.7-0ubuntu0.16.10.1)
zesty Ignored
(reached end-of-life)
oxide-qt
Launchpad, Ubuntu, Debian
artful
Released (1.20.4-0ubuntu1)
bionic Does not exist

precise Does not exist

trusty Does not exist
(trusty was released [1.20.4-0ubuntu0.14.04.1])
upstream Needs triage

xenial
Released (1.20.4-0ubuntu0.16.04.1)
yakkety
Released (1.20.4-0ubuntu0.16.10.1)
zesty
Released (1.20.4-0ubuntu1)