Download
| Alert*
oval:org.secpod.oval:def:89045236
This update for gstreamer-plugins-bad fixes the following issues: - CVE-2016-9809: Malicious mkv/h264 file could cause an off by one out of bounds read and lead to crash - CVE-2016-9812: Malicious mpeg file could cause invalid a null pointer access and lead to crash - CVE-2016-9813: Malicious mpeg ... oval:org.secpod.oval:def:2103260 The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted audio file. oval:org.secpod.oval:def:204072 GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix: * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer"s VMware ... oval:org.secpod.oval:def:89045256 This update for gstreamer-plugins-bad fixes the following security issues, which would allow attackers able to submit media files for indexing to cause code execution or crashes: - Check an integer overflow and initialize a buffer in vmncdec. - CVE-2016-9809: Ensure codec_data has the right size ... oval:org.secpod.oval:def:111724 GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality. oval:org.secpod.oval:def:111729 GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality. oval:org.secpod.oval:def:501959 GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix: * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer"s VMware ... oval:org.secpod.oval:def:1501722 GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix: * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer"s VMware ... oval:org.secpod.oval:def:1900539 The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service via a too small section. oval:org.secpod.oval:def:602832 Hanno Boeck discovered multiple vulnerabilities in the GStreamer media framework and its codecs and demuxers, which may result in denial of service or the execution of arbitrary code if a malformed media file is opened. oval:org.secpod.oval:def:1800395 CVE-2016-9809: Off-by-one read in gst_h264_parse_set_caps Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read. oval:org.secpod.oval:def:1800525 CVE-2016-9809: Off-by-one read in gst_h264_parse_set_caps Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read. |