CVE-2016-9635
- EPSS 9.27%
- Veröffentlicht 27.01.2017 22:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 's...
CVE-2016-9445
- EPSS 3.69%
- Veröffentlicht 23.01.2017 21:59:03
- Zuletzt bearbeitet 13.05.2026 00:24:29
Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of service (crash) via large width and height values, which triggers a buffer overflow.
CVE-2016-9446
- EPSS 3.57%
- Veröffentlicht 23.01.2017 21:59:03
- Zuletzt bearbeitet 13.05.2026 00:24:29
The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas.
CVE-2016-9447
- EPSS 2.84%
- Veröffentlicht 23.01.2017 21:59:03
- Zuletzt bearbeitet 13.05.2026 00:24:29
The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds read or write) and possibly execute arbitrary code via a crafted NSF music file.
CVE-2016-9808
- EPSS 5.11%
- Veröffentlicht 13.01.2017 16:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via a crafted series of skip and count pairs.
CVE-2016-9809
- EPSS 2.93%
- Veröffentlicht 13.01.2017 16:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read.
CVE-2016-9810
- EPSS 2.39%
- Veröffentlicht 13.01.2017 16:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The gst_decode_chain_free_internal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via an invalid file, which triggers an incorrect unr...
CVE-2016-9811
- EPSS 2.36%
- Veröffentlicht 13.01.2017 16:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.
CVE-2016-9812
- EPSS 3.57%
- Veröffentlicht 13.01.2017 16:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a too small section.
CVE-2016-9813
- EPSS 7.97%
- Veröffentlicht 13.01.2017 16:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.