{"id":"PYSEC-2017-77","details":"The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file.","aliases":["CVE-2017-17555"],"modified":"2023-11-01T04:48:02.760072Z","published":"2017-12-12T01:29:00Z","references":[{"type":"WEB","url":"https://github.com/IvanCql/vulnerability/blob/master/An%20NULL%20pointer%20dereference(DoS)%20Vulnerability%20was%20found%20in%20function%20swri_audio_convert%20of%20ffmpeg%20libswresample.md"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00012.html"}],"affected":[{"package":{"name":"aubio","ecosystem":"PyPI","purl":"pkg:pypi/aubio"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.4.7"}]}],"versions":["0.4.3","0.4.3.post1","0.4.3a1","0.4.3a2","0.4.4","0.4.5","0.4.6"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/aubio/PYSEC-2017-77.yaml"}}],"schema_version":"1.7.3"}