[Bug 206282] multimedia/ffmpeg zero-day vulnerability HLS
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Fri Jan 15 02:58:21 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=206282
Bug ID: 206282
Summary: multimedia/ffmpeg zero-day vulnerability HLS
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: multimedia at FreeBSD.org
Reporter: sasamotikomi at gmail.com
Assignee: multimedia at FreeBSD.org
Flags: maintainer-feedback?(multimedia at FreeBSD.org)
Attacker can simple put m3u8 in media container and get access to your local
file( for example password).
I recommend build ffmpeg with --disable-network
http://news.softpedia.com/news/zero-day-ffmpeg-vulnerability-lets-anyone-steal-files-from-remote-machines-498880.shtml
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-multimedia
mailing list