CentOS Update for gstreamer-plugins-bad-free CESA-2017:0018 centos7
2017-01-10T00:00:00
ID OPENVAS:1361412562310882626 Type openvas Reporter Copyright (C) 2017 Greenbone Networks GmbH Modified 2019-03-08T00:00:00
Description
Check the version of gstreamer-plugins-bad-free
###############################################################################
# OpenVAS Vulnerability Test
#
# CentOS Update for gstreamer-plugins-bad-free CESA-2017:0018 centos7
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.882626");
script_version("$Revision: 14058 $");
script_tag(name:"last_modification", value:"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $");
script_tag(name:"creation_date", value:"2017-01-10 05:50:22 +0100 (Tue, 10 Jan 2017)");
script_cve_id("CVE-2016-9445", "CVE-2016-9447", "CVE-2016-9809");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_tag(name:"qod_type", value:"package");
script_name("CentOS Update for gstreamer-plugins-bad-free CESA-2017:0018 centos7");
script_tag(name:"summary", value:"Check the version of gstreamer-plugins-bad-free");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"GStreamer is a streaming media framework based
on graphs of filters which operate on media data. The gstreamer-plugins-bad-free
package contains a collection of plug-ins for GStreamer.
Security Fix(es):
* An integer overflow flaw, leading to a heap-based buffer overflow, was
found in GStreamer's VMware VMnc video file format decoding plug-in. A
remote attacker could use this flaw to cause an application using GStreamer
to crash or, potentially, execute arbitrary code with the privileges of the
user running the application. (CVE-2016-9445)
* A memory corruption flaw was found in GStreamer's Nintendo NSF music file
format decoding plug-in. A remote attacker could use this flaw to cause an
application using GStreamer to crash or, potentially, execute arbitrary
code with the privileges of the user running the application.
(CVE-2016-9447)
* An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A
remote attacker could use this flaw to cause an application using GStreamer
to crash. (CVE-2016-9809)
Note: This update removes the vulnerable Nintendo NSF plug-in.");
script_tag(name:"affected", value:"gstreamer-plugins-bad-free on CentOS 7");
script_tag(name:"solution", value:"Please Install the Updated Packages.");
script_xref(name:"CESA", value:"2017:0018");
script_xref(name:"URL", value:"http://lists.centos.org/pipermail/centos-announce/2017-January/022196.html");
script_tag(name:"solution_type", value:"VendorFix");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2017 Greenbone Networks GmbH");
script_family("CentOS Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/centos", "ssh/login/rpms", re:"ssh/login/release=CentOS7");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
if(release == "CentOS7")
{
if ((res = isrpmvuln(pkg:"gstreamer-plugins-bad-free", rpm:"gstreamer-plugins-bad-free~0.10.23~22.el7_3", rls:"CentOS7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"gstreamer-plugins-bad-free-devel", rpm:"gstreamer-plugins-bad-free-devel~0.10.23~22.el7_3", rls:"CentOS7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"gstreamer-plugins-bad-free-devel-docs", rpm:"gstreamer-plugins-bad-free-devel-docs~0.10.23~22.el7_3", rls:"CentOS7")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
{"id": "OPENVAS:1361412562310882626", "type": "openvas", "bulletinFamily": "scanner", "title": "CentOS Update for gstreamer-plugins-bad-free CESA-2017:0018 centos7", "description": "Check the version of gstreamer-plugins-bad-free", "published": "2017-01-10T00:00:00", "modified": "2019-03-08T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882626", "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "references": ["2017:0018", "http://lists.centos.org/pipermail/centos-announce/2017-January/022196.html"], "cvelist": ["CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9447"], "lastseen": "2019-05-29T18:34:12", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2017-0018", "CVE-2016-9447", "CVE-2016-9445", "CVE-2016-9809"]}, {"type": "oraclelinux", "idList": ["ELSA-2017-0018", "ELSA-2016-2974", "ELSA-2017-0021"]}, {"type": "centos", "idList": ["CESA-2017:0018", "CESA-2016:2974", "CESA-2017:0021"]}, {"type": "redhat", "idList": ["RHSA-2016:2974", "RHSA-2017:0021", "RHSA-2017:0018"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703713", "OPENVAS:1361412562310871739", "OPENVAS:1361412562310882627", "OPENVAS:1361412562311220171010", "OPENVAS:1361412562311220171008", "OPENVAS:1361412562310871740", "OPENVAS:1361412562310871732", "OPENVAS:1361412562311220171009", "OPENVAS:1361412562310882620", "OPENVAS:1361412562311220171007"]}, {"type": "nessus", "idList": ["EULEROS_SA-2017-1010.NASL", "SL_20161221_GSTREAMER_PLUGINS_BAD_FREE_ON_SL6_X.NASL", "EULEROS_SA-2017-1009.NASL", "REDHAT-RHSA-2017-0018.NASL", "SL_20170105_GSTREAMER_PLUGINS_BAD_FREE_ON_SL7_X.NASL", "REDHAT-RHSA-2016-2974.NASL", "ORACLELINUX_ELSA-2016-2974.NASL", "ORACLELINUX_ELSA-2017-0018.NASL", "CENTOS_RHSA-2017-0018.NASL", "VIRTUOZZO_VZLSA-2017-0018.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2164-1:52F3C", "DEBIAN:DLA-712-1:8C7BA", "DEBIAN:DSA-3818-1:FE037", "DEBIAN:DLA-736-1:19809"]}, {"type": "suse", "idList": ["SUSE-SU-2016:3297-1", "OPENSUSE-SU-2016:3158-1", "OPENSUSE-SU-2016:3147-1"]}, {"type": "fedora", "idList": ["FEDORA:C7BD660A866E", "FEDORA:37DF360C85D5", "FEDORA:8D16E601CF88", "FEDORA:5B76360648E6", "FEDORA:9C1D26087AB5", "FEDORA:8786E6075007"]}, {"type": "archlinux", "idList": ["ASA-201701-3"]}, {"type": "gentoo", "idList": ["GLSA-201705-10"]}, {"type": "vmware", "idList": ["VMSA-2017-0018"]}, {"type": "virtuozzo", "idList": ["VZLSA-2017:0018"]}, {"type": "mscve", "idList": ["MS:CVE-2017-0018"]}], "modified": "2019-05-29T18:34:12", "rev": 2}, "score": {"value": 6.8, "vector": "NONE", "modified": "2019-05-29T18:34:12", "rev": 2}, "vulnersScore": 6.8}, "pluginID": "1361412562310882626", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for gstreamer-plugins-bad-free CESA-2017:0018 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882626\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-10 05:50:22 +0100 (Tue, 10 Jan 2017)\");\n script_cve_id(\"CVE-2016-9445\", \"CVE-2016-9447\", \"CVE-2016-9809\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for gstreamer-plugins-bad-free CESA-2017:0018 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of gstreamer-plugins-bad-free\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"GStreamer is a streaming media framework based\non graphs of filters which operate on media data. The gstreamer-plugins-bad-free\npackage contains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es):\n\n * An integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in GStreamer's VMware VMnc video file format decoding plug-in. A\nremote attacker could use this flaw to cause an application using GStreamer\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running the application. (CVE-2016-9445)\n\n * A memory corruption flaw was found in GStreamer's Nintendo NSF music file\nformat decoding plug-in. A remote attacker could use this flaw to cause an\napplication using GStreamer to crash or, potentially, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2016-9447)\n\n * An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A\nremote attacker could use this flaw to cause an application using GStreamer\nto crash. (CVE-2016-9809)\n\nNote: This update removes the vulnerable Nintendo NSF plug-in.\");\n script_tag(name:\"affected\", value:\"gstreamer-plugins-bad-free on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2017:0018\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2017-January/022196.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"gstreamer-plugins-bad-free\", rpm:\"gstreamer-plugins-bad-free~0.10.23~22.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gstreamer-plugins-bad-free-devel\", rpm:\"gstreamer-plugins-bad-free-devel~0.10.23~22.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gstreamer-plugins-bad-free-devel-docs\", rpm:\"gstreamer-plugins-bad-free-devel-docs~0.10.23~22.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "CentOS Local Security Checks"}
{"cve": [{"lastseen": "2020-10-03T12:10:52", "description": "The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds read or write) and possibly execute arbitrary code via a crafted NSF music file.", "edition": 3, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-23T21:59:00", "title": "CVE-2016-9447", "type": "cve", "cwe": ["CWE-125", "CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9447"], "modified": "2018-01-05T02:31:00", "cpe": ["cpe:/a:gstreamer_project:gstreamer:0.10.2", "cpe:/a:gstreamer_project:gstreamer:0.10.33", "cpe:/a:gstreamer_project:gstreamer:0.10.6", "cpe:/a:gstreamer_project:gstreamer:0.10.10", "cpe:/a:gstreamer_project:gstreamer:0.10.22", "cpe:/a:gstreamer_project:gstreamer:0.10.0", "cpe:/a:gstreamer_project:gstreamer:0.10.19", "cpe:/a:gstreamer_project:gstreamer:0.10.23", "cpe:/a:gstreamer_project:gstreamer:0.10.32", "cpe:/a:gstreamer_project:gstreamer:0.10.16", "cpe:/a:gstreamer_project:gstreamer:0.10.15", "cpe:/a:gstreamer_project:gstreamer:0.10.25", "cpe:/a:gstreamer_project:gstreamer:0.10.13", "cpe:/a:gstreamer_project:gstreamer:0.10.11", "cpe:/a:gstreamer_project:gstreamer:0.10.1", "cpe:/a:gstreamer_project:gstreamer:0.10.4", "cpe:/a:gstreamer_project:gstreamer:0.10.36", "cpe:/a:gstreamer_project:gstreamer:0.10.14", "cpe:/a:gstreamer_project:gstreamer:0.10.35", "cpe:/a:gstreamer_project:gstreamer:0.10.9", "cpe:/a:gstreamer_project:gstreamer:0.10.12", "cpe:/a:gstreamer_project:gstreamer:0.10.20", "cpe:/a:gstreamer_project:gstreamer:0.10.17", "cpe:/a:gstreamer_project:gstreamer:0.10.8", "cpe:/a:gstreamer_project:gstreamer:0.10.5", "cpe:/a:gstreamer_project:gstreamer:0.10.3", "cpe:/a:gstreamer_project:gstreamer:0.10.34", "cpe:/a:gstreamer_project:gstreamer:0.10.30", "cpe:/a:gstreamer_project:gstreamer:0.10.24", "cpe:/a:gstreamer_project:gstreamer:0.10.31", "cpe:/a:gstreamer_project:gstreamer:0.10.27", "cpe:/a:gstreamer_project:gstreamer:0.10.21", "cpe:/a:gstreamer_project:gstreamer:0.10.26", "cpe:/a:gstreamer_project:gstreamer:0.10.29", "cpe:/a:gstreamer_project:gstreamer:0.10.28", "cpe:/a:gstreamer_project:gstreamer:0.10.18", "cpe:/a:gstreamer_project:gstreamer:0.10.7"], "id": "CVE-2016-9447", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9447", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:gstreamer_project:gstreamer:0.10.5:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.22:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.18:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.34:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.32:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.17:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.28:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.13:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.30:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.26:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.25:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.23:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.10:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.9:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.27:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.14:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.36:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.24:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.20:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.16:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.29:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.21:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.15:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.31:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.33:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.19:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.11:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.12:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:gstreamer_project:gstreamer:0.10.35:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:07:44", "description": "Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read.", "edition": 6, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-13T16:59:00", "title": "CVE-2016-9809", "type": "cve", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9809"], "modified": "2018-01-05T02:31:00", "cpe": ["cpe:/a:gstreamer:gstreamer:1.10.1"], "id": "CVE-2016-9809", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9809", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:gstreamer:gstreamer:1.10.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T12:10:52", "description": "Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of service (crash) via large width and height values, which triggers a buffer overflow.", "edition": 4, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2017-01-23T21:59:00", "title": "CVE-2016-9445", "type": "cve", "cwe": ["CWE-190"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9445"], "modified": "2020-02-24T19:23:00", "cpe": ["cpe:/a:gstreamer_project:gstreamer:1.10.0"], "id": "CVE-2016-9445", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9445", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:gstreamer_project:gstreamer:1.10.0:*:*:*:*:*:*:*"]}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:08", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9447"], "description": "[0.10.23-22]\n- h264parse: Ensure codec_data has the required size when reading number of SPS\nResolves: rhbz#1400838\n[0.10.23-21]\n- Remove insecure NSF plugin\n- vmncdec: Sanity-check width/height before using it\nResolves: rhbz#1400838", "edition": 4, "modified": "2017-01-05T00:00:00", "published": "2017-01-05T00:00:00", "id": "ELSA-2017-0018", "href": "http://linux.oracle.com/errata/ELSA-2017-0018.html", "title": "gstreamer-plugins-bad-free security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:37", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9445", "CVE-2016-9447"], "description": "[0.10.19-5]\n- vmncdec: Sanity-check width/height before using it\nResolves: rhbz#1400820\n[0.10.19-4]\n- Remove insecure NSF decoder\nResolves: rhbz#1400820", "edition": 4, "modified": "2016-12-21T00:00:00", "published": "2016-12-21T00:00:00", "id": "ELSA-2016-2974", "href": "http://linux.oracle.com/errata/ELSA-2016-2974.html", "title": "gstreamer-plugins-bad-free security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:42", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9812", "CVE-2016-9813"], "description": "[1.4.5-6]\n- Fix h264 and h265 buffer size checks\n- Fix mpegts pat parsing and add more size checks\nResolves: rhbz#1400897\n[1.4.5-5]\n- vmncdec: Sanity-check width/height before using it\nResolves: rhbz#1400897", "edition": 4, "modified": "2017-01-05T00:00:00", "published": "2017-01-05T00:00:00", "id": "ELSA-2017-0021", "href": "http://linux.oracle.com/errata/ELSA-2017-0021.html", "title": "gstreamer1-plugins-bad-free security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2020-12-08T03:36:24", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9447"], "description": "**CentOS Errata and Security Advisory** CESA-2017:0018\n\n\nGStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es):\n\n* An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445)\n\n* A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447)\n\n* An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9809)\n\nNote: This update removes the vulnerable Nintendo NSF plug-in.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2017-January/034234.html\n\n**Affected packages:**\ngstreamer-plugins-bad-free\ngstreamer-plugins-bad-free-devel\ngstreamer-plugins-bad-free-devel-docs\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2017-0018.html", "edition": 4, "modified": "2017-01-09T18:12:36", "published": "2017-01-09T18:12:36", "href": "http://lists.centos.org/pipermail/centos-announce/2017-January/034234.html", "id": "CESA-2017:0018", "title": "gstreamer security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-08T03:38:43", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9445", "CVE-2016-9447"], "description": "**CentOS Errata and Security Advisory** CESA-2016:2974\n\n\nGStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es):\n\n* An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445)\n\n* A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447)\n\nNote: This updates removes the vulnerable Nintendo NSF plug-in.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-December/034227.html\n\n**Affected packages:**\ngstreamer-plugins-bad-free\ngstreamer-plugins-bad-free-devel\ngstreamer-plugins-bad-free-devel-docs\ngstreamer-plugins-bad-free-extras\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-2974.html", "edition": 4, "modified": "2016-12-21T17:41:28", "published": "2016-12-21T17:41:28", "href": "http://lists.centos.org/pipermail/centos-announce/2016-December/034227.html", "id": "CESA-2016:2974", "title": "gstreamer security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-08T03:37:22", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9812", "CVE-2016-9813"], "description": "**CentOS Errata and Security Advisory** CESA-2017:0021\n\n\nGStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es):\n\n* An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445)\n\n* Multiple flaws were discovered in GStreamer's H.264 and MPEG-TS plug-ins. A remote attacker could use these flaws to cause an application using GStreamer to crash. (CVE-2016-9809, CVE-2016-9812, CVE-2016-9813)\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2017-January/034232.html\n\n**Affected packages:**\ngstreamer1-plugins-bad-free\ngstreamer1-plugins-bad-free-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2017-0021.html", "edition": 4, "modified": "2017-01-09T18:11:54", "published": "2017-01-09T18:11:54", "href": "http://lists.centos.org/pipermail/centos-announce/2017-January/034232.html", "id": "CESA-2017:0021", "title": "gstreamer1 security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:45:52", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9445", "CVE-2016-9447", "CVE-2016-9809"], "description": "GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es):\n\n* An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445)\n\n* A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447)\n\n* An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9809)\n\nNote: This update removes the vulnerable Nintendo NSF plug-in.", "modified": "2018-04-12T03:32:44", "published": "2017-01-05T13:42:29", "id": "RHSA-2017:0018", "href": "https://access.redhat.com/errata/RHSA-2017:0018", "type": "redhat", "title": "(RHSA-2017:0018) Moderate: gstreamer-plugins-bad-free security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:21", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9445", "CVE-2016-9447"], "description": "GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es):\n\n* An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445)\n\n* A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447)\n\nNote: This updates removes the vulnerable Nintendo NSF plug-in.", "modified": "2018-06-06T20:24:07", "published": "2016-12-21T16:38:13", "id": "RHSA-2016:2974", "href": "https://access.redhat.com/errata/RHSA-2016:2974", "type": "redhat", "title": "(RHSA-2016:2974) Important: gstreamer-plugins-bad-free security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:46:34", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9812", "CVE-2016-9813"], "description": "GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es):\n\n* An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445)\n\n* Multiple flaws were discovered in GStreamer's H.264 and MPEG-TS plug-ins. A remote attacker could use these flaws to cause an application using GStreamer to crash. (CVE-2016-9809, CVE-2016-9812, CVE-2016-9813)", "modified": "2018-04-12T03:33:03", "published": "2017-01-05T13:52:23", "id": "RHSA-2017:0021", "href": "https://access.redhat.com/errata/RHSA-2017:0021", "type": "redhat", "title": "(RHSA-2017:0021) Moderate: gstreamer1-plugins-bad-free security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-06T09:14:06", "description": "An update for gstreamer-plugins-bad-free is now available for Red Hat\nEnterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGStreamer is a streaming media framework based on graphs of filters\nwhich operate on media data. The gstreamer-plugins-bad-free package\ncontains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es) :\n\n* An integer overflow flaw, leading to a heap-based buffer overflow,\nwas found in GStreamer's VMware VMnc video file format decoding\nplug-in. A remote attacker could use this flaw to cause an application\nusing GStreamer to crash or, potentially, execute arbitrary code with\nthe privileges of the user running the application. (CVE-2016-9445)\n\n* A memory corruption flaw was found in GStreamer's Nintendo NSF music\nfile format decoding plug-in. A remote attacker could use this flaw to\ncause an application using GStreamer to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2016-9447)\n\n* An out-of-bounds heap read flaw was found in GStreamer's H.264\nparser. A remote attacker could use this flaw to cause an application\nusing GStreamer to crash. (CVE-2016-9809)\n\nNote: This update removes the vulnerable Nintendo NSF plug-in.\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.", "edition": 32, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2017-07-13T00:00:00", "title": "Virtuozzo 7 : gstreamer-plugins-bad-free / etc (VZLSA-2017-0018)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9447"], "modified": "2017-07-13T00:00:00", "cpe": ["cpe:/o:virtuozzo:virtuozzo:7", "p-cpe:/a:virtuozzo:virtuozzo:gstreamer-plugins-bad-free-devel-docs", "p-cpe:/a:virtuozzo:virtuozzo:gstreamer-plugins-bad-free-devel", "p-cpe:/a:virtuozzo:virtuozzo:gstreamer-plugins-bad-free"], "id": "VIRTUOZZO_VZLSA-2017-0018.NASL", "href": "https://www.tenable.com/plugins/nessus/101401", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101401);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2016-9445\",\n \"CVE-2016-9447\",\n \"CVE-2016-9809\"\n );\n\n script_name(english:\"Virtuozzo 7 : gstreamer-plugins-bad-free / etc (VZLSA-2017-0018)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for gstreamer-plugins-bad-free is now available for Red Hat\nEnterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGStreamer is a streaming media framework based on graphs of filters\nwhich operate on media data. The gstreamer-plugins-bad-free package\ncontains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es) :\n\n* An integer overflow flaw, leading to a heap-based buffer overflow,\nwas found in GStreamer's VMware VMnc video file format decoding\nplug-in. A remote attacker could use this flaw to cause an application\nusing GStreamer to crash or, potentially, execute arbitrary code with\nthe privileges of the user running the application. (CVE-2016-9445)\n\n* A memory corruption flaw was found in GStreamer's Nintendo NSF music\nfile format decoding plug-in. A remote attacker could use this flaw to\ncause an application using GStreamer to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2016-9447)\n\n* An out-of-bounds heap read flaw was found in GStreamer's H.264\nparser. A remote attacker could use this flaw to cause an application\nusing GStreamer to crash. (CVE-2016-9809)\n\nNote: This update removes the vulnerable Nintendo NSF plug-in.\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.\");\n # http://repo.virtuozzo.com/vzlinux/announcements/json/VZLSA-2017-0018.json\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c88f2b3b\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2017-0018\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected gstreamer-plugins-bad-free / etc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:gstreamer-plugins-bad-free\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:gstreamer-plugins-bad-free-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:gstreamer-plugins-bad-free-devel-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"gstreamer-plugins-bad-free-0.10.23-22.vl7\",\n \"gstreamer-plugins-bad-free-devel-0.10.23-22.vl7\",\n \"gstreamer-plugins-bad-free-devel-docs-0.10.23-22.vl7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-7\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gstreamer-plugins-bad-free / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:30:56", "description": "An update for gstreamer-plugins-bad-free is now available for Red Hat\nEnterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGStreamer is a streaming media framework based on graphs of filters\nwhich operate on media data. The gstreamer-plugins-bad-free package\ncontains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es) :\n\n* An integer overflow flaw, leading to a heap-based buffer overflow,\nwas found in GStreamer's VMware VMnc video file format decoding\nplug-in. A remote attacker could use this flaw to cause an application\nusing GStreamer to crash or, potentially, execute arbitrary code with\nthe privileges of the user running the application. (CVE-2016-9445)\n\n* A memory corruption flaw was found in GStreamer's Nintendo NSF music\nfile format decoding plug-in. A remote attacker could use this flaw to\ncause an application using GStreamer to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2016-9447)\n\n* An out-of-bounds heap read flaw was found in GStreamer's H.264\nparser. A remote attacker could use this flaw to cause an application\nusing GStreamer to crash. (CVE-2016-9809)\n\nNote: This update removes the vulnerable Nintendo NSF plug-in.", "edition": 31, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2017-01-10T00:00:00", "title": "CentOS 7 : gstreamer-plugins-bad-free (CESA-2017:0018)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9447"], "modified": "2017-01-10T00:00:00", "cpe": ["p-cpe:/a:centos:centos:gstreamer-plugins-bad-free-devel", "cpe:/o:centos:centos:7", "p-cpe:/a:centos:centos:gstreamer-plugins-bad-free", "p-cpe:/a:centos:centos:gstreamer-plugins-bad-free-devel-docs"], "id": "CENTOS_RHSA-2017-0018.NASL", "href": "https://www.tenable.com/plugins/nessus/96339", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0018 and \n# CentOS Errata and Security Advisory 2017:0018 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96339);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-9445\", \"CVE-2016-9447\", \"CVE-2016-9809\");\n script_xref(name:\"RHSA\", value:\"2017:0018\");\n\n script_name(english:\"CentOS 7 : gstreamer-plugins-bad-free (CESA-2017:0018)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for gstreamer-plugins-bad-free is now available for Red Hat\nEnterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGStreamer is a streaming media framework based on graphs of filters\nwhich operate on media data. The gstreamer-plugins-bad-free package\ncontains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es) :\n\n* An integer overflow flaw, leading to a heap-based buffer overflow,\nwas found in GStreamer's VMware VMnc video file format decoding\nplug-in. A remote attacker could use this flaw to cause an application\nusing GStreamer to crash or, potentially, execute arbitrary code with\nthe privileges of the user running the application. (CVE-2016-9445)\n\n* A memory corruption flaw was found in GStreamer's Nintendo NSF music\nfile format decoding plug-in. A remote attacker could use this flaw to\ncause an application using GStreamer to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2016-9447)\n\n* An out-of-bounds heap read flaw was found in GStreamer's H.264\nparser. A remote attacker could use this flaw to cause an application\nusing GStreamer to crash. (CVE-2016-9809)\n\nNote: This update removes the vulnerable Nintendo NSF plug-in.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2017-January/022196.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a8911c2a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gstreamer-plugins-bad-free packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-9447\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gstreamer-plugins-bad-free\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gstreamer-plugins-bad-free-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gstreamer-plugins-bad-free-devel-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"gstreamer-plugins-bad-free-0.10.23-22.el7_3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"gstreamer-plugins-bad-free-devel-0.10.23-22.el7_3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"gstreamer-plugins-bad-free-devel-docs-0.10.23-22.el7_3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gstreamer-plugins-bad-free / gstreamer-plugins-bad-free-devel / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T08:51:49", "description": "According to the versions of the gstreamer-plugins-bad-free package\ninstalled, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - An integer overflow flaw, leading to a heap-based\n buffer overflow, was found in GStreamer's VMware VMnc\n video file format decoding plug-in. A remote attacker\n could use this flaw to cause an application using\n GStreamer to crash or, potentially, execute arbitrary\n code with the privileges of the user running the\n application. (CVE-2016-9445)\n\n - A memory corruption flaw was found in GStreamer's\n Nintendo NSF music file format decoding plug-in. A\n remote attacker could use this flaw to cause an\n application using GStreamer to crash or, potentially,\n execute arbitrary code with the privileges of the user\n running the application. (CVE-2016-9447)\n\n - An out-of-bounds heap read flaw was found in\n GStreamer's H.264 parser. A remote attacker could use\n this flaw to cause an application using GStreamer to\n crash. (CVE-2016-9809)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2017-05-01T00:00:00", "title": "EulerOS 2.0 SP2 : gstreamer-plugins-bad-free (EulerOS-SA-2017-1009)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9447"], "modified": "2017-05-01T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:gstreamer-plugins-bad-free", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2017-1009.NASL", "href": "https://www.tenable.com/plugins/nessus/99855", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99855);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-9445\",\n \"CVE-2016-9447\",\n \"CVE-2016-9809\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : gstreamer-plugins-bad-free (EulerOS-SA-2017-1009)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the gstreamer-plugins-bad-free package\ninstalled, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - An integer overflow flaw, leading to a heap-based\n buffer overflow, was found in GStreamer's VMware VMnc\n video file format decoding plug-in. A remote attacker\n could use this flaw to cause an application using\n GStreamer to crash or, potentially, execute arbitrary\n code with the privileges of the user running the\n application. (CVE-2016-9445)\n\n - A memory corruption flaw was found in GStreamer's\n Nintendo NSF music file format decoding plug-in. A\n remote attacker could use this flaw to cause an\n application using GStreamer to crash or, potentially,\n execute arbitrary code with the privileges of the user\n running the application. (CVE-2016-9447)\n\n - An out-of-bounds heap read flaw was found in\n GStreamer's H.264 parser. A remote attacker could use\n this flaw to cause an application using GStreamer to\n crash. (CVE-2016-9809)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1009\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dcec8f72\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected gstreamer-plugins-bad-free packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:gstreamer-plugins-bad-free\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"gstreamer-plugins-bad-free-0.10.23-22\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gstreamer-plugins-bad-free\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T12:51:05", "description": "From Red Hat Security Advisory 2017:0018 :\n\nAn update for gstreamer-plugins-bad-free is now available for Red Hat\nEnterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGStreamer is a streaming media framework based on graphs of filters\nwhich operate on media data. The gstreamer-plugins-bad-free package\ncontains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es) :\n\n* An integer overflow flaw, leading to a heap-based buffer overflow,\nwas found in GStreamer's VMware VMnc video file format decoding\nplug-in. A remote attacker could use this flaw to cause an application\nusing GStreamer to crash or, potentially, execute arbitrary code with\nthe privileges of the user running the application. (CVE-2016-9445)\n\n* A memory corruption flaw was found in GStreamer's Nintendo NSF music\nfile format decoding plug-in. A remote attacker could use this flaw to\ncause an application using GStreamer to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2016-9447)\n\n* An out-of-bounds heap read flaw was found in GStreamer's H.264\nparser. A remote attacker could use this flaw to cause an application\nusing GStreamer to crash. (CVE-2016-9809)\n\nNote: This update removes the vulnerable Nintendo NSF plug-in.", "edition": 29, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2017-01-06T00:00:00", "title": "Oracle Linux 7 : gstreamer-plugins-bad-free (ELSA-2017-0018)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9447"], "modified": "2017-01-06T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:gstreamer-plugins-bad-free-devel", "p-cpe:/a:oracle:linux:gstreamer-plugins-bad-free-devel-docs", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:gstreamer-plugins-bad-free"], "id": "ORACLELINUX_ELSA-2017-0018.NASL", "href": "https://www.tenable.com/plugins/nessus/96326", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2017:0018 and \n# Oracle Linux Security Advisory ELSA-2017-0018 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96326);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-9445\", \"CVE-2016-9447\", \"CVE-2016-9809\");\n script_xref(name:\"RHSA\", value:\"2017:0018\");\n\n script_name(english:\"Oracle Linux 7 : gstreamer-plugins-bad-free (ELSA-2017-0018)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2017:0018 :\n\nAn update for gstreamer-plugins-bad-free is now available for Red Hat\nEnterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGStreamer is a streaming media framework based on graphs of filters\nwhich operate on media data. The gstreamer-plugins-bad-free package\ncontains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es) :\n\n* An integer overflow flaw, leading to a heap-based buffer overflow,\nwas found in GStreamer's VMware VMnc video file format decoding\nplug-in. A remote attacker could use this flaw to cause an application\nusing GStreamer to crash or, potentially, execute arbitrary code with\nthe privileges of the user running the application. (CVE-2016-9445)\n\n* A memory corruption flaw was found in GStreamer's Nintendo NSF music\nfile format decoding plug-in. A remote attacker could use this flaw to\ncause an application using GStreamer to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2016-9447)\n\n* An out-of-bounds heap read flaw was found in GStreamer's H.264\nparser. A remote attacker could use this flaw to cause an application\nusing GStreamer to crash. (CVE-2016-9809)\n\nNote: This update removes the vulnerable Nintendo NSF plug-in.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2017-January/006613.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gstreamer-plugins-bad-free packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gstreamer-plugins-bad-free\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gstreamer-plugins-bad-free-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gstreamer-plugins-bad-free-devel-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gstreamer-plugins-bad-free-0.10.23-22.el7_3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gstreamer-plugins-bad-free-devel-0.10.23-22.el7_3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"gstreamer-plugins-bad-free-devel-docs-0.10.23-22.el7_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gstreamer-plugins-bad-free / gstreamer-plugins-bad-free-devel / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:49:31", "description": "Security Fix(es) :\n\n - An integer overflow flaw, leading to a heap-based buffer\n overflow, was found in GStreamer's VMware VMnc video\n file format decoding plug-in. A remote attacker could\n use this flaw to cause an application using GStreamer to\n crash or, potentially, execute arbitrary code with the\n privileges of the user running the application.\n (CVE-2016-9445)\n\n - A memory corruption flaw was found in GStreamer's\n Nintendo NSF music file format decoding plug-in. A\n remote attacker could use this flaw to cause an\n application using GStreamer to crash or, potentially,\n execute arbitrary code with the privileges of the user\n running the application. (CVE-2016-9447)\n\n - An out-of-bounds heap read flaw was found in GStreamer's\n H.264 parser. A remote attacker could use this flaw to\n cause an application using GStreamer to crash.\n (CVE-2016-9809)\n\nNote: This update removes the vulnerable Nintendo NSF plug-in.", "edition": 18, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2017-01-06T00:00:00", "title": "Scientific Linux Security Update : gstreamer-plugins-bad-free on SL7.x x86_64 (20170105)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9447"], "modified": "2017-01-06T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:gstreamer-plugins-bad-free-devel", "p-cpe:/a:fermilab:scientific_linux:gstreamer-plugins-bad-free", "p-cpe:/a:fermilab:scientific_linux:gstreamer-plugins-bad-free-debuginfo", "p-cpe:/a:fermilab:scientific_linux:gstreamer-plugins-bad-free-devel-docs", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20170105_GSTREAMER_PLUGINS_BAD_FREE_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/96332", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96332);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-9445\", \"CVE-2016-9447\", \"CVE-2016-9809\");\n\n script_name(english:\"Scientific Linux Security Update : gstreamer-plugins-bad-free on SL7.x x86_64 (20170105)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - An integer overflow flaw, leading to a heap-based buffer\n overflow, was found in GStreamer's VMware VMnc video\n file format decoding plug-in. A remote attacker could\n use this flaw to cause an application using GStreamer to\n crash or, potentially, execute arbitrary code with the\n privileges of the user running the application.\n (CVE-2016-9445)\n\n - A memory corruption flaw was found in GStreamer's\n Nintendo NSF music file format decoding plug-in. A\n remote attacker could use this flaw to cause an\n application using GStreamer to crash or, potentially,\n execute arbitrary code with the privileges of the user\n running the application. (CVE-2016-9447)\n\n - An out-of-bounds heap read flaw was found in GStreamer's\n H.264 parser. A remote attacker could use this flaw to\n cause an application using GStreamer to crash.\n (CVE-2016-9809)\n\nNote: This update removes the vulnerable Nintendo NSF plug-in.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1701&L=scientific-linux-errata&F=&S=&P=1196\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?96ade43e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gstreamer-plugins-bad-free\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gstreamer-plugins-bad-free-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gstreamer-plugins-bad-free-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gstreamer-plugins-bad-free-devel-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"gstreamer-plugins-bad-free-0.10.23-22.el7_3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"gstreamer-plugins-bad-free-debuginfo-0.10.23-22.el7_3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"gstreamer-plugins-bad-free-devel-0.10.23-22.el7_3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"gstreamer-plugins-bad-free-devel-docs-0.10.23-22.el7_3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gstreamer-plugins-bad-free / gstreamer-plugins-bad-free-debuginfo / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T08:51:49", "description": "According to the versions of the gstreamer-plugins-bad-free packages\ninstalled, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - An integer overflow flaw, leading to a heap-based\n buffer overflow, was found in GStreamer's VMware VMnc\n video file format decoding plug-in. A remote attacker\n could use this flaw to cause an application using\n GStreamer to crash or, potentially, execute arbitrary\n code with the privileges of the user running the\n application. (CVE-2016-9445)\n\n - A memory corruption flaw was found in GStreamer's\n Nintendo NSF music file format decoding plug-in. A\n remote attacker could use this flaw to cause an\n application using GStreamer to crash or, potentially,\n execute arbitrary code with the privileges of the user\n running the application. (CVE-2016-9447)\n\n - An out-of-bounds heap read flaw was found in\n GStreamer's H.264 parser. A remote attacker could use\n this flaw to cause an application using GStreamer to\n crash. (CVE-2016-9809)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2017-05-01T00:00:00", "title": "EulerOS 2.0 SP1 : gstreamer-plugins-bad-free (EulerOS-SA-2017-1010)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9447"], "modified": "2017-05-01T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:gstreamer-plugins-bad-free", "p-cpe:/a:huawei:euleros:gstreamer-plugins-bad-free-devel", "p-cpe:/a:huawei:euleros:gstreamer-plugins-bad-free-devel-docs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2017-1010.NASL", "href": "https://www.tenable.com/plugins/nessus/99856", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99856);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-9445\",\n \"CVE-2016-9447\",\n \"CVE-2016-9809\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : gstreamer-plugins-bad-free (EulerOS-SA-2017-1010)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the gstreamer-plugins-bad-free packages\ninstalled, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - An integer overflow flaw, leading to a heap-based\n buffer overflow, was found in GStreamer's VMware VMnc\n video file format decoding plug-in. A remote attacker\n could use this flaw to cause an application using\n GStreamer to crash or, potentially, execute arbitrary\n code with the privileges of the user running the\n application. (CVE-2016-9445)\n\n - A memory corruption flaw was found in GStreamer's\n Nintendo NSF music file format decoding plug-in. A\n remote attacker could use this flaw to cause an\n application using GStreamer to crash or, potentially,\n execute arbitrary code with the privileges of the user\n running the application. (CVE-2016-9447)\n\n - An out-of-bounds heap read flaw was found in\n GStreamer's H.264 parser. A remote attacker could use\n this flaw to cause an application using GStreamer to\n crash. (CVE-2016-9809)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1010\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0e858936\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected gstreamer-plugins-bad-free packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:gstreamer-plugins-bad-free\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:gstreamer-plugins-bad-free-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:gstreamer-plugins-bad-free-devel-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"gstreamer-plugins-bad-free-0.10.23-22\",\n \"gstreamer-plugins-bad-free-devel-0.10.23-22\",\n \"gstreamer-plugins-bad-free-devel-docs-0.10.23-22\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gstreamer-plugins-bad-free\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T05:06:59", "description": "An update for gstreamer-plugins-bad-free is now available for Red Hat\nEnterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGStreamer is a streaming media framework based on graphs of filters\nwhich operate on media data. The gstreamer-plugins-bad-free package\ncontains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es) :\n\n* An integer overflow flaw, leading to a heap-based buffer overflow,\nwas found in GStreamer's VMware VMnc video file format decoding\nplug-in. A remote attacker could use this flaw to cause an application\nusing GStreamer to crash or, potentially, execute arbitrary code with\nthe privileges of the user running the application. (CVE-2016-9445)\n\n* A memory corruption flaw was found in GStreamer's Nintendo NSF music\nfile format decoding plug-in. A remote attacker could use this flaw to\ncause an application using GStreamer to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2016-9447)\n\n* An out-of-bounds heap read flaw was found in GStreamer's H.264\nparser. A remote attacker could use this flaw to cause an application\nusing GStreamer to crash. (CVE-2016-9809)\n\nNote: This update removes the vulnerable Nintendo NSF plug-in.", "edition": 30, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2017-01-05T00:00:00", "title": "RHEL 7 : gstreamer-plugins-bad-free (RHSA-2017:0018)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9447"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins-bad-free-devel-docs", "cpe:/o:redhat:enterprise_linux:7.4", "p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins-bad-free-devel", "cpe:/o:redhat:enterprise_linux:7.7", "cpe:/o:redhat:enterprise_linux:7.5", "p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins-bad-free", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins-bad-free-debuginfo", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.6"], "id": "REDHAT-RHSA-2017-0018.NASL", "href": "https://www.tenable.com/plugins/nessus/96310", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0018. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96310);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/10/24 15:35:42\");\n\n script_cve_id(\"CVE-2016-9445\", \"CVE-2016-9447\", \"CVE-2016-9809\");\n script_xref(name:\"RHSA\", value:\"2017:0018\");\n\n script_name(english:\"RHEL 7 : gstreamer-plugins-bad-free (RHSA-2017:0018)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for gstreamer-plugins-bad-free is now available for Red Hat\nEnterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGStreamer is a streaming media framework based on graphs of filters\nwhich operate on media data. The gstreamer-plugins-bad-free package\ncontains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es) :\n\n* An integer overflow flaw, leading to a heap-based buffer overflow,\nwas found in GStreamer's VMware VMnc video file format decoding\nplug-in. A remote attacker could use this flaw to cause an application\nusing GStreamer to crash or, potentially, execute arbitrary code with\nthe privileges of the user running the application. (CVE-2016-9445)\n\n* A memory corruption flaw was found in GStreamer's Nintendo NSF music\nfile format decoding plug-in. A remote attacker could use this flaw to\ncause an application using GStreamer to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2016-9447)\n\n* An out-of-bounds heap read flaw was found in GStreamer's H.264\nparser. A remote attacker could use this flaw to cause an application\nusing GStreamer to crash. (CVE-2016-9809)\n\nNote: This update removes the vulnerable Nintendo NSF plug-in.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:0018\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-9445\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-9447\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-9809\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins-bad-free\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins-bad-free-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins-bad-free-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins-bad-free-devel-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:0018\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"gstreamer-plugins-bad-free-0.10.23-22.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gstreamer-plugins-bad-free-debuginfo-0.10.23-22.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"gstreamer-plugins-bad-free-devel-0.10.23-22.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"gstreamer-plugins-bad-free-devel-docs-0.10.23-22.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"gstreamer-plugins-bad-free-devel-docs-0.10.23-22.el7_3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gstreamer-plugins-bad-free / gstreamer-plugins-bad-free-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:30:55", "description": "An update for gstreamer-plugins-bad-free is now available for Red Hat\nEnterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGStreamer is a streaming media framework based on graphs of filters\nwhich operate on media data. The gstreamer-plugins-bad-free package\ncontains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es) :\n\n* An integer overflow flaw, leading to a heap-based buffer overflow,\nwas found in GStreamer's VMware VMnc video file format decoding\nplug-in. A remote attacker could use this flaw to cause an application\nusing GStreamer to crash or, potentially, execute arbitrary code with\nthe privileges of the user running the application. (CVE-2016-9445)\n\n* A memory corruption flaw was found in GStreamer's Nintendo NSF music\nfile format decoding plug-in. A remote attacker could use this flaw to\ncause an application using GStreamer to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2016-9447)\n\nNote: This updates removes the vulnerable Nintendo NSF plug-in.", "edition": 34, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-12-22T00:00:00", "title": "CentOS 6 : gstreamer-plugins-bad-free (CESA-2016:2974)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9445", "CVE-2016-9447"], "modified": "2016-12-22T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:gstreamer-plugins-bad-free-devel", "p-cpe:/a:centos:centos:gstreamer-plugins-bad-free", "p-cpe:/a:centos:centos:gstreamer-plugins-bad-free-extras", "p-cpe:/a:centos:centos:gstreamer-plugins-bad-free-devel-docs"], "id": "CENTOS_RHSA-2016-2974.NASL", "href": "https://www.tenable.com/plugins/nessus/96049", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:2974 and \n# CentOS Errata and Security Advisory 2016:2974 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96049);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-9445\", \"CVE-2016-9447\");\n script_xref(name:\"RHSA\", value:\"2016:2974\");\n\n script_name(english:\"CentOS 6 : gstreamer-plugins-bad-free (CESA-2016:2974)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for gstreamer-plugins-bad-free is now available for Red Hat\nEnterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGStreamer is a streaming media framework based on graphs of filters\nwhich operate on media data. The gstreamer-plugins-bad-free package\ncontains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es) :\n\n* An integer overflow flaw, leading to a heap-based buffer overflow,\nwas found in GStreamer's VMware VMnc video file format decoding\nplug-in. A remote attacker could use this flaw to cause an application\nusing GStreamer to crash or, potentially, execute arbitrary code with\nthe privileges of the user running the application. (CVE-2016-9445)\n\n* A memory corruption flaw was found in GStreamer's Nintendo NSF music\nfile format decoding plug-in. A remote attacker could use this flaw to\ncause an application using GStreamer to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2016-9447)\n\nNote: This updates removes the vulnerable Nintendo NSF plug-in.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2016-December/022189.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?394c0775\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gstreamer-plugins-bad-free packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-9447\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gstreamer-plugins-bad-free\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gstreamer-plugins-bad-free-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gstreamer-plugins-bad-free-devel-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gstreamer-plugins-bad-free-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"gstreamer-plugins-bad-free-0.10.19-5.el6_8\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"gstreamer-plugins-bad-free-devel-0.10.19-5.el6_8\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"gstreamer-plugins-bad-free-devel-docs-0.10.19-5.el6_8\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"gstreamer-plugins-bad-free-extras-0.10.19-5.el6_8\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gstreamer-plugins-bad-free / gstreamer-plugins-bad-free-devel / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T05:06:58", "description": "An update for gstreamer-plugins-bad-free is now available for Red Hat\nEnterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGStreamer is a streaming media framework based on graphs of filters\nwhich operate on media data. The gstreamer-plugins-bad-free package\ncontains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es) :\n\n* An integer overflow flaw, leading to a heap-based buffer overflow,\nwas found in GStreamer's VMware VMnc video file format decoding\nplug-in. A remote attacker could use this flaw to cause an application\nusing GStreamer to crash or, potentially, execute arbitrary code with\nthe privileges of the user running the application. (CVE-2016-9445)\n\n* A memory corruption flaw was found in GStreamer's Nintendo NSF music\nfile format decoding plug-in. A remote attacker could use this flaw to\ncause an application using GStreamer to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2016-9447)\n\nNote: This updates removes the vulnerable Nintendo NSF plug-in.", "edition": 32, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-12-21T00:00:00", "title": "RHEL 6 : gstreamer-plugins-bad-free (RHSA-2016:2974)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9445", "CVE-2016-9447"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins-bad-free-devel-docs", "p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins-bad-free-devel", "p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins-bad-free-extras", "p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins-bad-free", "p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins-bad-free-debuginfo", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2016-2974.NASL", "href": "https://www.tenable.com/plugins/nessus/96039", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:2974. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96039);\n script_version(\"3.13\");\n script_cvs_date(\"Date: 2019/10/24 15:35:42\");\n\n script_cve_id(\"CVE-2016-9445\", \"CVE-2016-9447\");\n script_xref(name:\"RHSA\", value:\"2016:2974\");\n\n script_name(english:\"RHEL 6 : gstreamer-plugins-bad-free (RHSA-2016:2974)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for gstreamer-plugins-bad-free is now available for Red Hat\nEnterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGStreamer is a streaming media framework based on graphs of filters\nwhich operate on media data. The gstreamer-plugins-bad-free package\ncontains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es) :\n\n* An integer overflow flaw, leading to a heap-based buffer overflow,\nwas found in GStreamer's VMware VMnc video file format decoding\nplug-in. A remote attacker could use this flaw to cause an application\nusing GStreamer to crash or, potentially, execute arbitrary code with\nthe privileges of the user running the application. (CVE-2016-9445)\n\n* A memory corruption flaw was found in GStreamer's Nintendo NSF music\nfile format decoding plug-in. A remote attacker could use this flaw to\ncause an application using GStreamer to crash or, potentially, execute\narbitrary code with the privileges of the user running the\napplication. (CVE-2016-9447)\n\nNote: This updates removes the vulnerable Nintendo NSF plug-in.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2016:2974\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-9445\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-9447\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins-bad-free\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins-bad-free-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins-bad-free-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins-bad-free-devel-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gstreamer-plugins-bad-free-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:2974\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"gstreamer-plugins-bad-free-0.10.19-5.el6_8\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"gstreamer-plugins-bad-free-debuginfo-0.10.19-5.el6_8\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"gstreamer-plugins-bad-free-devel-0.10.19-5.el6_8\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"gstreamer-plugins-bad-free-devel-docs-0.10.19-5.el6_8\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"gstreamer-plugins-bad-free-devel-docs-0.10.19-5.el6_8\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"gstreamer-plugins-bad-free-devel-docs-0.10.19-5.el6_8\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"gstreamer-plugins-bad-free-extras-0.10.19-5.el6_8\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gstreamer-plugins-bad-free / gstreamer-plugins-bad-free-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:49:30", "description": "Security Fix(es) :\n\n - An integer overflow flaw, leading to a heap-based buffer\n overflow, was found in GStreamer's VMware VMnc video\n file format decoding plug-in. A remote attacker could\n use this flaw to cause an application using GStreamer to\n crash or, potentially, execute arbitrary code with the\n privileges of the user running the application.\n (CVE-2016-9445)\n\n - A memory corruption flaw was found in GStreamer's\n Nintendo NSF music file format decoding plug-in. A\n remote attacker could use this flaw to cause an\n application using GStreamer to crash or, potentially,\n execute arbitrary code with the privileges of the user\n running the application. (CVE-2016-9447)\n\nNote: This updates removes the vulnerable Nintendo NSF plug-in.", "edition": 19, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-12-21T00:00:00", "title": "Scientific Linux Security Update : gstreamer-plugins-bad-free on SL6.x i386/x86_64 (20161221)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9445", "CVE-2016-9447"], "modified": "2016-12-21T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:gstreamer-plugins-bad-free-devel", "p-cpe:/a:fermilab:scientific_linux:gstreamer-plugins-bad-free", "p-cpe:/a:fermilab:scientific_linux:gstreamer-plugins-bad-free-debuginfo", "p-cpe:/a:fermilab:scientific_linux:gstreamer-plugins-bad-free-devel-docs", "p-cpe:/a:fermilab:scientific_linux:gstreamer-plugins-bad-free-extras", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20161221_GSTREAMER_PLUGINS_BAD_FREE_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/96041", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96041);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-9445\", \"CVE-2016-9447\");\n\n script_name(english:\"Scientific Linux Security Update : gstreamer-plugins-bad-free on SL6.x i386/x86_64 (20161221)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - An integer overflow flaw, leading to a heap-based buffer\n overflow, was found in GStreamer's VMware VMnc video\n file format decoding plug-in. A remote attacker could\n use this flaw to cause an application using GStreamer to\n crash or, potentially, execute arbitrary code with the\n privileges of the user running the application.\n (CVE-2016-9445)\n\n - A memory corruption flaw was found in GStreamer's\n Nintendo NSF music file format decoding plug-in. A\n remote attacker could use this flaw to cause an\n application using GStreamer to crash or, potentially,\n execute arbitrary code with the privileges of the user\n running the application. (CVE-2016-9447)\n\nNote: This updates removes the vulnerable Nintendo NSF plug-in.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1612&L=scientific-linux-errata&F=&S=&P=17802\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ea9eb045\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gstreamer-plugins-bad-free\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gstreamer-plugins-bad-free-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gstreamer-plugins-bad-free-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gstreamer-plugins-bad-free-devel-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:gstreamer-plugins-bad-free-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"gstreamer-plugins-bad-free-0.10.19-5.el6_8\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"gstreamer-plugins-bad-free-debuginfo-0.10.19-5.el6_8\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"gstreamer-plugins-bad-free-devel-0.10.19-5.el6_8\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"gstreamer-plugins-bad-free-devel-docs-0.10.19-5.el6_8\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"gstreamer-plugins-bad-free-extras-0.10.19-5.el6_8\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gstreamer-plugins-bad-free / gstreamer-plugins-bad-free-debuginfo / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2020-01-27T18:35:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9447"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171010", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171010", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for gstreamer-plugins-bad-free (EulerOS-SA-2017-1010)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1010\");\n script_version(\"2020-01-23T10:43:03+0000\");\n script_cve_id(\"CVE-2016-9445\", \"CVE-2016-9447\", \"CVE-2016-9809\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:43:03 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:43:03 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for gstreamer-plugins-bad-free (EulerOS-SA-2017-1010)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1010\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1010\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'gstreamer-plugins-bad-free' package(s) announced via the EulerOS-SA-2017-1010 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445)\n\nA memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447)\n\nAn out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9809)\");\n\n script_tag(name:\"affected\", value:\"'gstreamer-plugins-bad-free' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"gstreamer-plugins-bad-free\", rpm:\"gstreamer-plugins-bad-free~0.10.23~22\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gstreamer-plugins-bad-free-devel\", rpm:\"gstreamer-plugins-bad-free-devel~0.10.23~22\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gstreamer-plugins-bad-free-devel-docs\", rpm:\"gstreamer-plugins-bad-free-devel-docs~0.10.23~22\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:39:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9447"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171009", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171009", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for gstreamer-plugins-bad-free (EulerOS-SA-2017-1009)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1009\");\n script_version(\"2020-01-23T10:43:00+0000\");\n script_cve_id(\"CVE-2016-9445\", \"CVE-2016-9447\", \"CVE-2016-9809\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:43:00 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:43:00 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for gstreamer-plugins-bad-free (EulerOS-SA-2017-1009)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1009\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1009\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'gstreamer-plugins-bad-free' package(s) announced via the EulerOS-SA-2017-1009 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445)\n\nA memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447)\n\nAn out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9809)\");\n\n script_tag(name:\"affected\", value:\"'gstreamer-plugins-bad-free' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"gstreamer-plugins-bad-free\", rpm:\"gstreamer-plugins-bad-free~0.10.23~22\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9447"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2017-01-06T00:00:00", "id": "OPENVAS:1361412562310871739", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871739", "type": "openvas", "title": "RedHat Update for gstreamer-plugins-bad-free RHSA-2017:0018-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for gstreamer-plugins-bad-free RHSA-2017:0018-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871739\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-06 05:44:55 +0100 (Fri, 06 Jan 2017)\");\n script_cve_id(\"CVE-2016-9445\", \"CVE-2016-9447\", \"CVE-2016-9809\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for gstreamer-plugins-bad-free RHSA-2017:0018-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gstreamer-plugins-bad-free'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"GStreamer is a streaming media framework based on graphs of filters which\noperate on media data. The gstreamer-plugins-bad-free package contains a\ncollection of plug-ins for GStreamer.\n\nSecurity Fix(es):\n\n * An integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in GStreamer's VMware VMnc video file format decoding plug-in. A\nremote attacker could use this flaw to cause an application using GStreamer\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running the application. (CVE-2016-9445)\n\n * A memory corruption flaw was found in GStreamer's Nintendo NSF music file\nformat decoding plug-in. A remote attacker could use this flaw to cause an\napplication using GStreamer to crash or, potentially, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2016-9447)\n\n * An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A\nremote attacker could use this flaw to cause an application using GStreamer\nto crash. (CVE-2016-9809)\n\nNote: This update removes the vulnerable Nintendo NSF plug-in.\");\n script_tag(name:\"affected\", value:\"gstreamer-plugins-bad-free on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:0018-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-January/msg00006.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"gstreamer-plugins-bad-free\", rpm:\"gstreamer-plugins-bad-free~0.10.23~22.el7_3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gstreamer-plugins-bad-free-debuginfo\", rpm:\"gstreamer-plugins-bad-free-debuginfo~0.10.23~22.el7_3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9445", "CVE-2016-9447"], "description": "Check the version of gstreamer-plugins-bad-free", "modified": "2019-03-08T00:00:00", "published": "2016-12-22T00:00:00", "id": "OPENVAS:1361412562310882620", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882620", "type": "openvas", "title": "CentOS Update for gstreamer-plugins-bad-free CESA-2016:2974 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for gstreamer-plugins-bad-free CESA-2016:2974 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882620\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-22 05:46:17 +0100 (Thu, 22 Dec 2016)\");\n script_cve_id(\"CVE-2016-9445\", \"CVE-2016-9447\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for gstreamer-plugins-bad-free CESA-2016:2974 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of gstreamer-plugins-bad-free\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"GStreamer is a streaming media framework\nbased on graphs of filters which operate on media data.\nThe gstreamer-plugins-bad-free package contains a collection of plug-ins for\nGStreamer.\n\nSecurity Fix(es):\n\n * An integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in GStreamer's VMware VMnc video file format decoding plug-in. A\nremote attacker could use this flaw to cause an application using GStreamer\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running the application. (CVE-2016-9445)\n\n * A memory corruption flaw was found in GStreamer's Nintendo NSF music file\nformat decoding plug-in. A remote attacker could use this flaw to cause an\napplication using GStreamer to crash or, potentially, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2016-9447)\n\nNote: This updates removes the vulnerable Nintendo NSF plug-in.\");\n script_tag(name:\"affected\", value:\"gstreamer-plugins-bad-free on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2016:2974\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2016-December/022189.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"gstreamer-plugins-bad-free\", rpm:\"gstreamer-plugins-bad-free~0.10.19~5.el6_8\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gstreamer-plugins-bad-free-devel\", rpm:\"gstreamer-plugins-bad-free-devel~0.10.19~5.el6_8\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gstreamer-plugins-bad-free-devel-docs\", rpm:\"gstreamer-plugins-bad-free-devel-docs~0.10.19~5.el6_8\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gstreamer-plugins-bad-free-extras\", rpm:\"gstreamer-plugins-bad-free-extras~0.10.19~5.el6_8\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9445", "CVE-2016-9447"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2016-12-22T00:00:00", "id": "OPENVAS:1361412562310871732", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871732", "type": "openvas", "title": "RedHat Update for gstreamer-plugins-bad-free RHSA-2016:2974-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for gstreamer-plugins-bad-free RHSA-2016:2974-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871732\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-22 05:44:49 +0100 (Thu, 22 Dec 2016)\");\n script_cve_id(\"CVE-2016-9445\", \"CVE-2016-9447\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for gstreamer-plugins-bad-free RHSA-2016:2974-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gstreamer-plugins-bad-free'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"GStreamer is a streaming media framework\nbased on graphs of filters which operate on media data. The\ngstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es):\n\n * An integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in GStreamer's VMware VMnc video file format decoding plug-in. A\nremote attacker could use this flaw to cause an application using GStreamer\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running the application. (CVE-2016-9445)\n\n * A memory corruption flaw was found in GStreamer's Nintendo NSF music file\nformat decoding plug-in. A remote attacker could use this flaw to cause an\napplication using GStreamer to crash or, potentially, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2016-9447)\n\nNote: This updates removes the vulnerable Nintendo NSF plug-in.\");\n script_tag(name:\"affected\", value:\"gstreamer-plugins-bad-free on\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:2974-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-December/msg00026.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"gstreamer-plugins-bad-free\", rpm:\"gstreamer-plugins-bad-free~0.10.19~5.el6_8\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gstreamer-plugins-bad-free-debuginfo\", rpm:\"gstreamer-plugins-bad-free-debuginfo~0.10.19~5.el6_8\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9812", "CVE-2016-9813"], "description": "Check the version of gstreamer1-plugins-bad-free", "modified": "2019-03-08T00:00:00", "published": "2017-01-10T00:00:00", "id": "OPENVAS:1361412562310882627", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882627", "type": "openvas", "title": "CentOS Update for gstreamer1-plugins-bad-free CESA-2017:0021 centos7", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for gstreamer1-plugins-bad-free CESA-2017:0021 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882627\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-10 05:50:27 +0100 (Tue, 10 Jan 2017)\");\n script_cve_id(\"CVE-2016-9445\", \"CVE-2016-9809\", \"CVE-2016-9812\", \"CVE-2016-9813\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for gstreamer1-plugins-bad-free CESA-2017:0021 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of gstreamer1-plugins-bad-free\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"GStreamer is a streaming media framework based\non graphs of filters which operate on media data. The gstreamer1-plugins-bad-free\npackage contains a collection of plug-ins for GStreamer.\n\nSecurity Fix(es):\n\n * An integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in GStreamer's VMware VMnc video file format decoding plug-in. A\nremote attacker could use this flaw to cause an application using GStreamer\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running the application. (CVE-2016-9445)\n\n * Multiple flaws were discovered in GStreamer's H.264 and MPEG-TS plug-ins.\nA remote attacker could use these flaws to cause an application using\nGStreamer to crash. (CVE-2016-9809, CVE-2016-9812, CVE-2016-9813)\");\n script_tag(name:\"affected\", value:\"gstreamer1-plugins-bad-free on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2017:0021\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2017-January/022194.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"gstreamer1-plugins-bad-free\", rpm:\"gstreamer1-plugins-bad-free~1.4.5~6.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gstreamer1-plugins-bad-free-devel\", rpm:\"gstreamer1-plugins-bad-free-devel~1.4.5~6.el7_3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:36:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9812", "CVE-2016-9813"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171007", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171007", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for gstreamer1-plugins-bad-free (EulerOS-SA-2017-1007)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1007\");\n script_version(\"2020-01-23T10:42:54+0000\");\n script_cve_id(\"CVE-2016-9445\", \"CVE-2016-9809\", \"CVE-2016-9812\", \"CVE-2016-9813\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:42:54 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:42:54 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for gstreamer1-plugins-bad-free (EulerOS-SA-2017-1007)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1007\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1007\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'gstreamer1-plugins-bad-free' package(s) announced via the EulerOS-SA-2017-1007 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445)\n\nMultiple flaws were discovered in GStreamer's H.264 and MPEG-TS plug-ins. A remote attacker could use these flaws to cause an application using GStreamer to crash. (CVE-2016-9809, CVE-2016-9812, CVE-2016-9813)\");\n\n script_tag(name:\"affected\", value:\"'gstreamer1-plugins-bad-free' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"gstreamer1-plugins-bad-free\", rpm:\"gstreamer1-plugins-bad-free~1.4.5~6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9812", "CVE-2016-9813"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2017-01-06T00:00:00", "id": "OPENVAS:1361412562310871740", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871740", "type": "openvas", "title": "RedHat Update for gstreamer1-plugins-bad-free RHSA-2017:0021-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for gstreamer1-plugins-bad-free RHSA-2017:0021-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871740\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-06 05:44:59 +0100 (Fri, 06 Jan 2017)\");\n script_cve_id(\"CVE-2016-9445\", \"CVE-2016-9809\", \"CVE-2016-9812\", \"CVE-2016-9813\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for gstreamer1-plugins-bad-free RHSA-2017:0021-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gstreamer1-plugins-bad-free'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"GStreamer is a streaming media framework based on graphs of filters which\noperate on media data. The gstreamer1-plugins-bad-free package contains a\ncollection of plug-ins for GStreamer.\n\nSecurity Fix(es):\n\n * An integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in GStreamer's VMware VMnc video file format decoding plug-in. A\nremote attacker could use this flaw to cause an application using GStreamer\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running the application. (CVE-2016-9445)\n\n * Multiple flaws were discovered in GStreamer's H.264 and MPEG-TS plug-ins.\nA remote attacker could use these flaws to cause an application using\nGStreamer to crash. (CVE-2016-9809, CVE-2016-9812, CVE-2016-9813)\");\n script_tag(name:\"affected\", value:\"gstreamer1-plugins-bad-free on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:0021-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-January/msg00009.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"gstreamer1-plugins-bad-free\", rpm:\"gstreamer1-plugins-bad-free~1.4.5~6.el7_3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gstreamer1-plugins-bad-free-debuginfo\", rpm:\"gstreamer1-plugins-bad-free-debuginfo~1.4.5~6.el7_3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:39:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9812", "CVE-2016-9813"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171008", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171008", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for gstreamer1-plugins-bad-free (EulerOS-SA-2017-1008)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1008\");\n script_version(\"2020-01-23T10:42:57+0000\");\n script_cve_id(\"CVE-2016-9445\", \"CVE-2016-9809\", \"CVE-2016-9812\", \"CVE-2016-9813\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:42:57 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:42:57 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for gstreamer1-plugins-bad-free (EulerOS-SA-2017-1008)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1008\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1008\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'gstreamer1-plugins-bad-free' package(s) announced via the EulerOS-SA-2017-1008 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445)\n\nMultiple flaws were discovered in GStreamer's H.264 and MPEG-TS plug-ins. A remote attacker could use these flaws to cause an application using GStreamer to crash. (CVE-2016-9809, CVE-2016-9812, CVE-2016-9813)\");\n\n script_tag(name:\"affected\", value:\"'gstreamer1-plugins-bad-free' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"gstreamer1-plugins-bad-free\", rpm:\"gstreamer1-plugins-bad-free~1.4.5~6\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9447"], "description": "Chris Evans discovered that the GStreamer 0.10 plugin to decode NES\nSound Format files allowed the execution of arbitrary code.", "modified": "2019-03-18T00:00:00", "published": "2016-11-15T00:00:00", "id": "OPENVAS:1361412562310703713", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703713", "type": "openvas", "title": "Debian Security Advisory DSA 3713-1 (gst-plugins-bad0.10 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3713.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Auto-generated from advisory DSA 3713-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703713\");\n script_version(\"$Revision: 14275 $\");\n script_cve_id(\"CVE-2016-9447\");\n script_name(\"Debian Security Advisory DSA 3713-1 (gst-plugins-bad0.10 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-15 00:00:00 +0100 (Tue, 15 Nov 2016)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3713.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"gst-plugins-bad0.10 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie), this problem has been fixed in\nversion 0.10.23-7.4+deb8u1.\n\nThe unstable distribution (sid) no longer contains Gstreamer 0.10.\n\nWe recommend that you upgrade your gst-plugins-bad0.10 packages.\");\n script_tag(name:\"summary\", value:\"Chris Evans discovered that the GStreamer 0.10 plugin to decode NES\nSound Format files allowed the execution of arbitrary code.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-bad\", ver:\"0.10.23-7.4+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-bad-dbg\", ver:\"0.10.23-7.4+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gstreamer0.10-plugins-bad-doc\", ver:\"0.10.23-7.4+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgstreamer-plugins-bad0.10-0\", ver:\"0.10.23-7.4+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgstreamer-plugins-bad0.10-dev\", ver:\"0.10.23-7.4+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2019-05-30T02:21:51", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9446", "CVE-2016-9445", "CVE-2016-9447"], "description": "Package : gst-plugins-bad0.10\nVersion : 0.10.23-7.1+deb7u3\nCVE ID : CVE-2016-9445 CVE-2016-9446 CVE-2016-9447\n\nCVE-2016-9445\nCVE-2016-9446\n\n Chris Evans discovered that the GStreamer plugin to decode VMware screen\n capture files allowed the execution of arbitrary code. He also found that\n an initialized buffer may lead into memory disclosure.\n\nCVE-2016-9447\n\n Chris Evans discovered that the GStreamer 0.10 plugin to decode NES\n Sound Format files allowed the execution of arbitrary code.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n0.10.23-7.1+deb7u3.\n\nWe recommend that you upgrade your gst-plugins-bad0.10 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 3, "modified": "2016-11-19T23:57:02", "published": "2016-11-19T23:57:02", "id": "DEBIAN:DLA-712-1:8C7BA", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201611/msg00019.html", "title": "[SECURITY] [DLA 712-1] gst-plugins-bad0.10 security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:22:27", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9809"], "description": "Package : gst-plugins-bad0.10\nVersion : 0.10.23-7.1+deb7u4\nCVE ID : CVE-2016-9809\n\nAn out of bounds heap bug was found in the H264 parser in\ngst-plugins-bad0.10.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n0.10.23-7.1+deb7u4.\n\nWe recommend that you upgrade your gst-plugins-bad0.10 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 3, "modified": "2016-12-08T07:44:53", "published": "2016-12-08T07:44:53", "id": "DEBIAN:DLA-736-1:19809", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201612/msg00009.html", "title": "[SECURITY] [DLA 736-1] gst-plugins-bad0.10 security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T13:17:00", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9809", "CVE-2017-5843", "CVE-2017-5848", "CVE-2015-0797"], "description": "Package : gst-plugins-bad0.10\nVersion : 0.10.23-7.4+deb8u3\nCVE ID : CVE-2015-0797 CVE-2016-9809 CVE-2017-5843 CVE-2017-5848\n\n\nSeveral issues have been found in gst-plugins-bad0.10, a package \ncontaining GStreamer plugins from the "bad" set.\n\n\nAll issues are about use-after-free, out of bounds reads or buffer \noverflow in different modules.\n\n\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n0.10.23-7.4+deb8u3.\n\nWe recommend that you upgrade your gst-plugins-bad0.10 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n", "edition": 9, "modified": "2020-03-31T17:35:30", "published": "2020-03-31T17:35:30", "id": "DEBIAN:DLA-2164-1:52F3C", "href": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202003/msg00038.html", "title": "[SECURITY] [DLA 2164-1] gst-plugins-bad0.10 security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-12T00:51:29", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9809", "CVE-2016-9812", "CVE-2017-5843", "CVE-2016-9813", "CVE-2017-5848"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3818-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMarch 27, 2017 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : gst-plugins-bad1.0\nCVE ID : CVE-2016-9809 CVE-2016-9812 CVE-2016-9813 CVE-2017-5843 \n CVE-2017-5848\n\nHanno Boeck discovered multiple vulnerabilities in the GStreamer media\nframework and its codecs and demuxers, which may result in denial of\nservice or the execution of arbitrary code if a malformed media file is\nopened.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.4.4-2.1+deb8u2.\n\nFor the upcoming stable distribution (stretch), these problems have been\nfixed in version 1.10.4-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.10.4-1.\n\nWe recommend that you upgrade your gst-plugins-bad1.0 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 8, "modified": "2017-03-27T20:47:02", "published": "2017-03-27T20:47:02", "id": "DEBIAN:DSA-3818-1:FE037", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2017/msg00074.html", "title": "[SECURITY] [DSA 3818-1] gst-plugins-bad1.0 security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2016-12-30T02:05:44", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9446", "CVE-2016-9445", "CVE-2016-9809", "CVE-2016-9812", "CVE-2016-9813"], "edition": 1, "description": "This update for gstreamer-plugins-bad fixes the following issues:\n\n - CVE-2016-9809: Malicious mkv/h264 file could cause an off by one out of\n bounds read and lead to crash (bsc#1013659)\n - CVE-2016-9812: Malicious mpeg file could cause invalid a null pointer\n access and lead to crash (bsc#1013678)\n - CVE-2016-9813: Malicious mpegts file could cause invalid a null pointer\n access and lead to crash (bsc#1013680)\n - CVE-2016-9445, CVE-2016-9446: Check an integer overflow and initialize a\n buffer in vmncdec (bsc#1010829)\n\n", "modified": "2016-12-30T00:08:58", "published": "2016-12-30T00:08:58", "id": "SUSE-SU-2016:3297-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00098.html", "type": "suse", "title": "Security update for gstreamer-plugins-bad (important)", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2016-12-14T18:02:42", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9446", "CVE-2016-9445"], "edition": 1, "description": "This update for gstreamer-plugins-bad fixes the following issues:\n\n - Maliciously crafted VMnc (VMware video) streams (typically contained in\n .avi files) could cause code execution during decoding or information\n leaks due to an unitialized buffer (CVE-2016-9445, CVE-2016-9446,\n boo#1010829).\n\n", "modified": "2016-12-14T18:11:15", "published": "2016-12-14T18:11:15", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00066.html", "id": "OPENSUSE-SU-2016:3158-1", "type": "suse", "title": "Security update for gstreamer-plugins-bad (important)", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2016-12-14T15:11:38", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9446", "CVE-2016-9445"], "edition": 1, "description": "This update for gstreamer-0_10-plugins-bad fixes the following issues:\n\n - Maliciously crafted VMnc files (VMWare video format) could lead to\n crashes (CVE-2016-9445, CVE-2016-9446, boo#1010829).\n - Maliciously crafted NSF files (NES sound format) could lead to arbitrary\n code execution (CESA-2016-0001, boo#1010514). Therefore for security\n reasons the NSF plugin has been removed from the package.\n\n", "modified": "2016-12-14T13:07:27", "published": "2016-12-14T13:07:27", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00063.html", "id": "OPENSUSE-SU-2016:3147-1", "type": "suse", "title": "Security update for gstreamer-0_10-plugins-bad (important)", "cvss": {"score": 0.0, "vector": "NONE"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9447"], "description": "GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality. ", "modified": "2016-12-05T21:48:16", "published": "2016-12-05T21:48:16", "id": "FEDORA:C7BD660A866E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 25 Update:\n gstreamer-plugins-bad-free-0.10.23-34.fc25", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9447"], "description": "GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality. ", "modified": "2016-12-16T03:55:30", "published": "2016-12-16T03:55:30", "id": "FEDORA:5B76360648E6", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update:\n gstreamer-plugins-bad-free-0.10.23-34.fc24", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9445"], "description": "GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality. ", "modified": "2016-12-04T16:54:12", "published": "2016-12-04T16:54:12", "id": "FEDORA:9C1D26087AB5", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: gstreamer1-plugins-bad-free-1.10.1-1.fc25", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9445"], "description": "GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality. ", "modified": "2016-12-06T10:29:58", "published": "2016-12-06T10:29:58", "id": "FEDORA:37DF360C85D5", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: gstreamer1-plugins-bad-free-1.8.3-2.fc24", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9809", "CVE-2016-9812", "CVE-2016-9813"], "description": "GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality. ", "modified": "2016-12-09T22:31:34", "published": "2016-12-09T22:31:34", "id": "FEDORA:8D16E601CF88", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 25 Update:\n gstreamer-plugins-bad-free-0.10.23-35.fc25", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9809", "CVE-2016-9812", "CVE-2016-9813"], "description": "GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality. ", "modified": "2016-12-10T00:29:29", "published": "2016-12-10T00:29:29", "id": "FEDORA:8786E6075007", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: gstreamer1-plugins-bad-free-1.8.3-3.fc24", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "archlinux": [{"lastseen": "2020-09-22T18:36:44", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9445", "CVE-2016-9446"], "description": "Arch Linux Security Advisory ASA-201701-3\n=========================================\n\nSeverity: High\nDate : 2017-01-02\nCVE-ID : CVE-2016-9445 CVE-2016-9446\nPackage : gst-plugins-bad\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-76\n\nSummary\n=======\n\nThe package gst-plugins-bad before version 1.10.2-2 is vulnerable to\nmultiple issues including arbitrary code execution and information\ndisclosure.\n\nResolution\n==========\n\nUpgrade to 1.10.2-2.\n\n# pacman -Syu \"gst-plugins-bad>=1.10.2-2\"\n\nThe problems have been fixed upstream in version 1.10.2.\n\nWorkaround\n==========\n\nNone\n\nDescription\n===========\n\n- CVE-2016-9445 (arbitrary code execution)\n\nThe vmnc decoder in gst-plugins-bad of the gstreamer code base contains\na width * height * depth integer overflow in the allocation of the\nrender buffer inside gst/vmnc/vmncdec.c.\n\n- CVE-2016-9446 (information disclosure)\n\nAn information disclosure vulnerability has been discovered in the\nrender canvas functionality of gst-plugins-bad due to the lack of\ninitializing the returned heap area of g_malloc(). An example for the\ninformation leak would be thumbnailing a simple 1 frame vmnc movie that\ndoes not draw to the allocated render canvas at all.\nThis could be a problem for anyone using gstreamer in a server\nenvironment to provide a thumbnailing services.\n\nImpact\n======\n\nAn attacker is able to provide a crafted VMNC file that would allow for\neither arbitrary code execution or disclose information of the memory\nof the running host.\n\nReferences\n==========\n\nhttp://www.openwall.com/lists/oss-security/2016/11/18/13\nhttps://scarybeastsecurity.blogspot.de/2016/11/0day-poc-risky-design-decisions-in.html\nhttps://cgit.freedesktop.org/gstreamer/gst-plugins-bad/commit/gst/vmnc/vmncdec.c?id=4cb1bcf1422bbcd79c0f683edb7ee85e3f7a31fe\nhttps://bugzilla.gnome.org/show_bug.cgi?id=774533\nhttps://security.archlinux.org/CVE-2016-9445\nhttps://security.archlinux.org/CVE-2016-9446", "modified": "2017-01-02T00:00:00", "published": "2017-01-02T00:00:00", "id": "ASA-201701-3", "href": "https://security.archlinux.org/ASA-201701-3", "type": "archlinux", "title": "[ASA-201701-3] gst-plugins-bad: multiple issues", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2017-05-28T22:26:23", "bulletinFamily": "unix", "cvelist": ["CVE-2016-9446", "CVE-2016-9810", "CVE-2016-9636", "CVE-2017-5844", "CVE-2016-10198", "CVE-2017-5837", "CVE-2016-9445", "CVE-2016-9809", "CVE-2016-10199", "CVE-2016-9808", "CVE-2016-9812", "CVE-2017-5840", "CVE-2016-9635", "CVE-2017-5843", "CVE-2016-9634", "CVE-2016-9811", "CVE-2017-5839", "CVE-2017-5842", "CVE-2017-5847", "CVE-2016-9813", "CVE-2016-9807", "CVE-2017-5841", "CVE-2017-5845", "CVE-2016-9447", "CVE-2017-5838", "CVE-2017-5846", "CVE-2017-5848"], "description": "### Background\n\nThe GStreamer plug-ins provide decoders to the GStreamer open source media framework. \n\n### Description\n\nMultiple vulnerabilities have been discovered in various GStreamer plug-ins. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user or automated system using a GStreamer plug-in to process a specially crafted file, resulting in the execution of arbitrary code or a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll gst-plugins-bad users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=media-libs/gst-plugins-bad-1.10.3:1.0\"\n \n\nAll gst-plugins-good users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=media-libs/gst-plugins-good-1.10.3:1.0\"\n \n\nAll gst-plugins-base users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=media-libs/gst-plugins-base-1.10.3:1.0\"\n \n\nAll gst-plugins-ugly users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=media-libs/gst-plugins-ugly-1.10.3:1.0\"", "edition": 1, "modified": "2017-05-18T00:00:00", "published": "2017-05-18T00:00:00", "href": "https://security.gentoo.org/glsa/201705-10", "id": "GLSA-201705-10", "title": "GStreamer plug-ins: User-assisted execution of arbitrary code", "type": "gentoo", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
