{"id":"CVE-2015-3417","details":"Use-after-free vulnerability in the ff_h264_free_tables function in libavcodec/h264.c in FFmpeg before 2.3.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted H.264 data in an MP4 file, as demonstrated by an HTML VIDEO element that references H.264 data.","modified":"2026-04-16T01:40:46.382793272Z","published":"2015-04-24T17:59:03Z","withdrawn":"2026-01-27T04:15:00.588574Z","related":["openSUSE-SU-2024:10926-1"],"references":[{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2015/Apr/31"},{"type":"ADVISORY","url":"http://www.debian.org/security/2015/dsa-3288"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/74385"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1032198"},{"type":"FIX","url":"https://github.com/FFmpeg/FFmpeg/commit/e8714f6f93d1a32f4e4655209960afcf4c185214"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201705-08"},{"type":"WEB","url":"https://git.libav.org/?p=libav.git%3Ba=blob%3Bf=Changelog%3Bhb=refs/tags/v11.4"}],"schema_version":"1.7.3"}