CVE-2017-5843
- EPSS 3.8%
- Veröffentlicht 09.02.2017 15:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service (crash) via vectors...
CVE-2017-5844
- EPSS 2.53%
- Veröffentlicht 09.02.2017 15:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file.
CVE-2017-5845
- EPSS 3.82%
- Veröffentlicht 09.02.2017 15:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a ncdt sub-tag that "goes behind" the surrounding t...
CVE-2017-5846
- EPSS 2.03%
- Veröffentlicht 09.02.2017 15:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors related to the number of...
CVE-2017-5847
- EPSS 3.73%
- Veröffentlicht 09.02.2017 15:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors.
CVE-2017-5848
- EPSS 4.43%
- Veröffentlicht 09.02.2017 15:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing.
CVE-2016-10198
- EPSS 2.67%
- Veröffentlicht 09.02.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted audio file.
CVE-2016-10199
- EPSS 4.23%
- Veröffentlicht 09.02.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted tag value.
CVE-2016-9636
- EPSS 8.91%
- Veröffentlicht 27.01.2017 22:59:02
- Zuletzt bearbeitet 13.05.2026 00:24:29
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'w...
CVE-2016-9634
- EPSS 9.27%
- Veröffentlicht 27.01.2017 22:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_lin...