Gstreamer

Gstreamer

103 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 9.27%
  • Veröffentlicht 27.01.2017 22:59:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 's...

  • EPSS 3.69%
  • Veröffentlicht 23.01.2017 21:59:03
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of service (crash) via large width and height values, which triggers a buffer overflow.

  • EPSS 3.57%
  • Veröffentlicht 23.01.2017 21:59:03
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas.

  • EPSS 2.84%
  • Veröffentlicht 23.01.2017 21:59:03
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds read or write) and possibly execute arbitrary code via a crafted NSF music file.

Exploit
  • EPSS 5.11%
  • Veröffentlicht 13.01.2017 16:59:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via a crafted series of skip and count pairs.

  • EPSS 2.93%
  • Veröffentlicht 13.01.2017 16:59:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read.

  • EPSS 2.39%
  • Veröffentlicht 13.01.2017 16:59:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The gst_decode_chain_free_internal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via an invalid file, which triggers an incorrect unr...

  • EPSS 2.36%
  • Veröffentlicht 13.01.2017 16:59:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.

  • EPSS 3.57%
  • Veröffentlicht 13.01.2017 16:59:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a too small section.

  • EPSS 7.97%
  • Veröffentlicht 13.01.2017 16:59:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.