mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-13 05:54:46 +02:00
0xMarcio
1.4 KiB
1.4 KiB
CVE-2017-9993
Description
FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before 3.2.6, and 3.3.x before 3.3.2 does not properly restrict HTTP Live Streaming filename extensions and demuxer names, which allows attackers to read arbitrary files via crafted playlist data.
POC
Reference
No PoCs from references.
Github
- https://github.com/301415926/Web-Security-Leanrning
- https://github.com/666999z/2
- https://github.com/ARPSyndicate/cvemon
- https://github.com/CHYbeta/Web-Security-Learning
- https://github.com/R0B1NL1N/Web-Security-Learning
- https://github.com/SexyBeast233/SecBooks
- https://github.com/TaiiHu/Web-Security-Learning-master
- https://github.com/YinWC/Security_Learning
- https://github.com/asw3asw/Web-Security-Learning
- https://github.com/catcher-mis/web-
- https://github.com/copperfieldd/Web-Security-Learning
- https://github.com/lnick2023/nicenice
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/superfish9/pt
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
- https://github.com/xfinest/Web-Security-Learning
- https://github.com/yEss5Lq/web_hack