CVEs-PoC/2016/CVE-2016-1898.md at main

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-03-03 20:53:39 +00:00

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

1.1 KiB

Raw Permalink Blame History

CVE-2016-1898

Description

FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains an arbitrary line of a local file.

POC

Reference

http://www.ubuntu.com/usn/USN-2944-1
https://www.kb.cert.org/vuls/id/772447

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/SexyBeast233/SecBooks
https://github.com/Threekiii/Awesome-POC
https://github.com/Threekiii/Vulhub-Reproduce
https://github.com/XiaomingX/awesome-poc-for-red-team
https://github.com/bakery312/Vulhub-Reproduce
https://github.com/cyberharsh/ffmpeg
https://github.com/g1san/Agents-for-Vulnerable-Dockers-and-related-Benchmarks

1.1 KiB Raw Permalink Blame History

CVE-2016-1898

Description

POC

Reference

Github

1.1 KiB

Raw Permalink Blame History