2017-11-10

[public] 6.91K views, 274 likes, 5.00 dislikes audio only

LiveOverflow

Paul shows us another exploit for FFmpeg. The vulnerability is located in the RTMP protocol. While working with the binary format of the protocol requires a lot of work, the exploit itself is very easy.

Vulnerable Version: https://github.com/FFmpeg/FFmpeg/tree/d903b4e3ad4a81b3dd79f12c2f3b9cb16e511173

Paul on Twitter: https://twitter.com/__paulch

LiveOverflow Podcast: http://liveoverflow.libsyn.com/

Original Email: http://www.openwall.com/lists/oss-security/2017/02/02/1

-=[ 🔴 Stuff I use ]=-

→ Microphone:* https://geni.us/ntg3b

→ Graphics tablet:* https://geni.us/wacom-intuos

→ Camera#1 for streaming:* https://geni.us/sony-camera

→ Lens for streaming:* https://geni.us/sony-lense

→ Connect Camera#1 to PC:* https://geni.us/cam-link

→ Keyboard:* https://geni.us/mech-keyboard

→ Old Microphone:* https://geni.us/mic-at2020usb

US Store Front:* https://www.amazon.com/shop/liveoverflow

-=[ ❤️ Support ]=-

→ per Video: https://www.patreon.com/join/liveoverflow

→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ 🐕 Social ]=-

→ Twitter: https://twitter.com/LiveOverflow/

→ Website: https://liveoverflow.com/

→ Subreddit: https://www.reddit.com/r/LiveOverflow/

→ Facebook: https://www.facebook.com/LiveOverflow/

-=[ 📄 P.S. ]=-

All links with "*" are affiliate links.

LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.

#SecurityResearch #BinaryExploitation #HeapOverflow #CVE