HTTP: FFmpeg mov_read_keys Integer Overflow

This signature detects attempts to exploit a known vulnerability in FFmpeg. Successful exploitation could lead to remote code execution.

Extended Description

An off-by-one error resulting in an allocation of zero size in FFmpeg in Google Chrome prior to 54.0.2840.98 for Mac, 54.0.2840.99 for Windows, 54.0.2840.100 for Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted video file.

Affected Products

Google Chrome

Short Name: HTTP:STC:FFMPEG-ENTRY-COUNT
Severity: Major
Recommended: True
Recommended Action: Drop
Category: HTTP
Keywords: CVE-2016-5199 FFmpeg Integer Overflow mov_read_keys
Release Date: 12/15/2016
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3337
False Positive: Unknown
Vendors

Google

CVSS Score

6.8
