CVE-2024-36617
CVSS 3.1 Score 6.2 of 10 (medium)
Details
Published Nov 29, 2024
Updated: Dec 2, 2024
CWE ID 190
Summary
CVE-2024-36617 is a newly disclosed vulnerability affecting version 6.1.1 of FFmpeg's CAF decoder. The issue involves an integer overflow, which can potentially be exploited to execute arbitrary code or cause denial-of-service conditions. Attackers could manipulate specially crafted audio files to trigger the vulnerability, leading to serious security consequences. Users are encouraged to update their FFmpeg installations to a patched version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- FFmpeg