{"id":"CVE-2017-11665","details":"The ff_amf_get_field_value function in libavformat/rtmppkt.c in FFmpeg 3.3.2 allows remote RTMP servers to cause a denial of service (Segmentation Violation and application crash) via a crafted stream.","modified":"2026-04-16T01:39:48.006598373Z","published":"2017-07-27T12:29:00.180Z","related":["openSUSE-SU-2024:10754-1"],"references":[{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3957"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/100017"},{"type":"FIX","url":"https://github.com/FFmpeg/FFmpeg/commit/ffcc82219cef0928bed2d558b19ef6ea35634130"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ffmpeg/ffmpeg","events":[{"introduced":"0"},{"fixed":"ffcc82219cef0928bed2d558b19ef6ea35634130"}]}],"versions":["N","n0.11-dev","n0.12-dev","n0.8","n1.1-dev","n1.2-dev","n1.3-dev","n2.0","n2.1-dev","n2.2-dev","n2.3-dev","n2.4-dev","n2.5-dev","n2.6-dev","n2.7-dev","n2.8-dev","n2.9-dev","n3.1-dev","n3.2-dev","n3.3-dev","n3.4-dev"],"database_specific":{"vanir_signatures":[{"signature_type":"Function","digest":{"function_hash":"205183553060426722162948910966828745010","length":1070},"id":"CVE-2017-11665-0d89a886","target":{"file":"libavformat/rtmppkt.c","function":"ff_amf_get_field_value"},"deprecated":false,"source":"https://github.com/ffmpeg/ffmpeg/commit/ffcc82219cef0928bed2d558b19ef6ea35634130","signature_version":"v1"},{"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["119525829152138997229421386697400595611","283396624328612933114004597416357618974","181488021797294351772666678606023701183","99030858416895450986495950455119011784","60572819681354202887242357292224547816","169601564716927192136384883965722245915","159843864184572245935614350224258432393","217561154677970865326694428335219625270","108600268360251538217117002002746968746","27523953397817734013417872978574134604","334262269513359504466868541951666767841","217349619408935487478800810478961201670","304801868635384208211446204269863453525","261891116317099124807141659355652458438","275465435699393947434230754925417642288","240717570903843159786440288059888366611","65685587077186705489639070412769111721","8112520192307805805066635223116531757","221873647770180047993828271148339097536","257576898090867904546678772626444778839","140174415144897303455869467570803318703","40455327668967645867389292057126968177","299980427798791658133331000614728291519","86050754812393736678233543015244335030","25361513582980790802788250612190621265","116051176796753427053824882244807273270","94852604708976941193375822766174579851","233675127815310929592832098467349175105","104559840315978287012637920259768619286","227931011786941553363216470168043551174","187860873828140904427849752701216163101","322290209313302550632526325746032554113","131397126566865651611829997405169023628","224391512877024522496051628105612838762","286406197902499716700061401924551736481","184109972630909419930208712905787083312","6350249251361540581844437077664429900","297295444819886776360825326696600298970","122499222081181327446980199902297322960","172864001280102037275592545112240474898","314653519205647352213566912986301429793","139832291956838974679933695301419560403","96126795074133237260773814828403477743","114190792760955511666391802506147356439","201831490182197491574192230225028417722","212428909283657059081895132949458579804","129314191893069476401488578025520056545","20727953780339392078005514572039824710"]},"signature_type":"Line","target":{"file":"libavformat/rtmppkt.c"},"deprecated":false,"source":"https://github.com/ffmpeg/ffmpeg/commit/ffcc82219cef0928bed2d558b19ef6ea35634130","id":"CVE-2017-11665-181b3913"}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-11665.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}