{"id":"CVE-2016-10190","details":"Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote web servers to execute arbitrary code via a negative chunk size in an HTTP response.","modified":"2026-02-23T01:16:45.039295Z","published":"2017-02-09T15:59:00.627Z","related":["openSUSE-SU-2017:0958-1","openSUSE-SU-2017:0961-1","openSUSE-SU-2024:10754-1"],"references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/95986"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html"},{"type":"WEB","url":"https://trac.ffmpeg.org/ticket/5992"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2017/01/31/12"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2017/02/02/1"},{"type":"ADVISORY","url":"https://ffmpeg.org/security.html"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2017/01/31/12"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2017/02/02/1"},{"type":"FIX","url":"https://github.com/FFmpeg/FFmpeg/commit/2a05c8f813de6f2278827734bf8102291e7484aa"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2017/01/31/12"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2017/02/02/1"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ffmpeg/ffmpeg","events":[{"introduced":"0"},{"fixed":"2a05c8f813de6f2278827734bf8102291e7484aa"}]}],"versions":["N","n0.11-dev","n0.12-dev","n0.8","n1.1-dev","n1.2-dev","n1.3-dev","n2.0","n2.1-dev","n2.2-dev","n2.3-dev","n2.4-dev","n2.5-dev","n2.6-dev","n2.7-dev","n2.8-dev","n2.9-dev","n3.1-dev","n3.2-dev","n3.3-dev"],"database_specific":{"vanir_signatures":[{"id":"CVE-2016-10190-08770d1e","target":{"file":"libavformat/http.c"},"deprecated":false,"signature_type":"Line","source":"https://github.com/ffmpeg/ffmpeg/commit/2a05c8f813de6f2278827734bf8102291e7484aa","digest":{"threshold":0.9,"line_hashes":["195999663670395503853889201858602138339","337394873705817049612632853846211991246","281429762653280480764985616040684003074","181135591961178219334965079780398465644","301977385217758711588590238081694807191","4332534641764958029126003953881495642","78488409577540362127201842823735556550","294245872781092961482345009691324773866","50172627417254511126384020568043869421","112650500083297809555288309914964668779","30056712349516425312493654165939340259","298249970838642601123972583878986451394","176407889866597877503055189876499418998","193744821904088677257446971802230192422","167936627276812967465598665592130335165","149057470804409335808502586868429057327","314912851706149201516506787973960357799","147173598555519645520579805310458146800","29087375443321685771228653565552823132","338133686815687239574396247767484144980","242586206816867182635535439722785464192","63274841844650378289363788216436177961","69695398128977857204627250329512846761","159877063323603233213517554618491457080","148746741395448115673262940748286112383","215135803124320082263730838657324867399","304785617176626286438417500308733431081","104683594907378898032347369266827696254","210609334766725791740571382647031557290","336025561921878649109859305752516240059","193335780054135415349016455931345387834","5200210177290942409173405905234360868","58041336525576138683760382081305512420","176236939584381875316021462629521047469","94212220667250397537912484595720679606","307694002484925509855511584325910580472","145103461001093881257625819130696065017","230610564455100988109910632330191728421","70125292451460020843285881429093326179","153598065943465698668267997740394593054","268593430374134125250196730081209385195","293868026800181583571677458898190406017","88295059203012252592394965214548395627","105093005580092505988693877616976967979","86007042803940118800028476800584149559","311880476248326962136008921758625687463","338764777561368621476221375386326476238","47664005056104378332100527446338762935","44611751549552516955042496857640975595","107463033404543910575729349428633843257","43715430391330689511422764253024813728","49146989014158618782354245167122525313","324626250988046984580502223692664343191","68110331019358658271543741634753719589","257630673840875065656696176013196471051","330174377874492950428532523797563114320","184571769670058717495637840659386306545","72037359362049757401143768323280573478","261418715895457626359130608669225281735","191710336257866828202651790587640462656","266561053794300878391607306269928875736","71695166541645273191353008378911185674","160044126434007948026797462302852327725","208035063315291775027148960437059197391","74446269432642678552563105823143251367","76111632104629555969923027847174221838","121801329192032031979805864317813189823","169656543150414343351800221982084571677","275579883180837985032567593021986275590","214330101327163149036806779438415064661","95847572856940569416720961064551929955","257358118154356826154560378835377248593","72071214125283239948482876234408555385","301979849324286532993733565032331804118","186079235504122307468672380495855990691","141803169938265716261785770250791107490","12230199056265414075302853110896926046","48300616660767152834298710993760025847","2828056941259794508615439231571091318","3967397339702129711626534087308805389","49414725480161860793357595366995394760","98126838883829452946687614567867936231","293945222104089173824526833737138028955","108374270174840899325385671156632327395","196634904955693853372131665235786018387","26815514573349448131419393817877586727","300054146929949682389009299887678074309","111314383662916087408744711679758884830","175794948142823669334687464441360552413","33726988287170670072613719082076087265","13811679111082197512425596512372468787","68262581337783293796152438586751386088","293118137688244615364615398507471217242","263405096623595840524318800257381257853","294291539822903816170014810798224938706","136957136615083739787700046919468007988","219730309520283490880425513840675405698","204739233458432632821450147658324888399","169317966908470365298673360861576515443","77667814784786339654793077996442539596","221382695690763806654900884331706904610","153240225503016989958213145739932616551","86387841214565110119566692317248873878"]},"signature_version":"v1"},{"id":"CVE-2016-10190-0ce4b0a7","target":{"file":"libavformat/http.c","function":"http_connect"},"deprecated":false,"signature_type":"Function","source":"https://github.com/ffmpeg/ffmpeg/commit/2a05c8f813de6f2278827734bf8102291e7484aa","digest":{"length":4320,"function_hash":"12610718817939929222738398655267156227"},"signature_version":"v1"},{"id":"CVE-2016-10190-2f73aea5","target":{"file":"libavformat/http.c","function":"http_read_stream"},"deprecated":false,"signature_type":"Function","source":"https://github.com/ffmpeg/ffmpeg/commit/2a05c8f813de6f2278827734bf8102291e7484aa","digest":{"length":1750,"function_hash":"302717158320484032752066418671647662494"},"signature_version":"v1"},{"id":"CVE-2016-10190-6c648151","target":{"file":"libavformat/http.c","function":"http_seek_internal"},"deprecated":false,"signature_type":"Function","source":"https://github.com/ffmpeg/ffmpeg/commit/2a05c8f813de6f2278827734bf8102291e7484aa","digest":{"length":1218,"function_hash":"6516275375144746073299497260326148662"},"signature_version":"v1"},{"id":"CVE-2016-10190-6e795f3b","target":{"file":"libavformat/http.c","function":"http_read_header"},"deprecated":false,"signature_type":"Function","source":"https://github.com/ffmpeg/ffmpeg/commit/2a05c8f813de6f2278827734bf8102291e7484aa","digest":{"length":668,"function_hash":"29291998720851582992351322556084772994"},"signature_version":"v1"},{"id":"CVE-2016-10190-7161a4f2","target":{"file":"libavformat/http.c","function":"process_line"},"deprecated":false,"signature_type":"Function","source":"https://github.com/ffmpeg/ffmpeg/commit/2a05c8f813de6f2278827734bf8102291e7484aa","digest":{"length":4144,"function_hash":"230933525932273812045672291144973050095"},"signature_version":"v1"},{"id":"CVE-2016-10190-77fbd344","target":{"file":"libavformat/http.c","function":"http_proxy_open"},"deprecated":false,"signature_type":"Function","source":"https://github.com/ffmpeg/ffmpeg/commit/2a05c8f813de6f2278827734bf8102291e7484aa","digest":{"length":1871,"function_hash":"150729267673974336767668852687675522780"},"signature_version":"v1"},{"id":"CVE-2016-10190-aa69c7ad","target":{"file":"libavformat/http.c","function":"http_open"},"deprecated":false,"signature_type":"Function","source":"https://github.com/ffmpeg/ffmpeg/commit/2a05c8f813de6f2278827734bf8102291e7484aa","digest":{"length":995,"function_hash":"80694966203472736538792799490348615589"},"signature_version":"v1"},{"id":"CVE-2016-10190-b20cd40c","target":{"file":"libavformat/http.c","function":"http_buf_read"},"deprecated":false,"signature_type":"Function","source":"https://github.com/ffmpeg/ffmpeg/commit/2a05c8f813de6f2278827734bf8102291e7484aa","digest":{"length":858,"function_hash":"278051685018924489094697474612484937283"},"signature_version":"v1"},{"id":"CVE-2016-10190-c1942b99","target":{"file":"libavformat/http.c","function":"store_icy"},"deprecated":false,"signature_type":"Function","source":"https://github.com/ffmpeg/ffmpeg/commit/2a05c8f813de6f2278827734bf8102291e7484aa","digest":{"length":658,"function_hash":"13106501879363286127811322793886100134"},"signature_version":"v1"}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-10190.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}