ROSA LABROSA-SA-2021-1850Advisory ROSA-SA-2021-1850
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.6 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.033 Low
EPSS
Percentile
91.2%
Software: gstreamer 0.10.36
OS: Cobalt 7.9
CVE-ID: CVE-2016-10199
CVE-Crit: HIGH
CVE-DESC: The qtdemux_tag_add_str_full function in gst / isomp4 / qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (read out of range and crash) using a created tag appreciate.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-10198
CVE-Crit: MEDIUM
CVE-DESC: The gst_aac_parse_sink_setcaps function in gst / audioparsers / gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (read invalid memory and crash) via a crafted audio file.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-9447
CVE-Crit: HIGH
CVE-DESC: ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-band read or write) and possibly execute arbitrary code through the generated NSF music file.
CVE-STATUS: default
CVE-REV: Default
CVE-ID: CVE-2016-9634
CVE-Crit: CRITICAL
CVE-DESC: Heap-based buffer overflow in the flx_decode_delta_fli function in gst / flx / gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application failure) via the start_line parameter.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-9635
CVE-Crit: CRITICAL
CVE-DESC: Heap-based buffer overflow in the flx_decode_delta_fli function in gst / flx / gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application failure) by providing a “skip count” beyond the initialized buffer.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-9636
CVE-Crit: CRITICAL
CVE-DESC: Heap-based buffer overflow in the flx_decode_delta_fli function in gst / flx / gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application failure) by providing a “write count” beyond the initialized buffer.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-9807
CVE-Crit: MEDIUM
CVE-DESC: The flx_decode_chunks function in gst / flx / gstflxdec.c in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and failure) via a crafted FLIC file.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-9808
CVE-Crit: HIGH
CVE-DESC: The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (write and out-of-band failure) using a crafted series of skip-and-count pairs.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-9809
CVE-Crit: HIGH
CVE-DESC: Off-by-one bug in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to exert undefined influence through a crafted file, causing reads outside the valid range.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-9810
CVE-Crit: MEDIUM
CVE-DESC: The gst_decode_chain_free_internal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and failure) via an invalid file, causing an invalid call to unref .
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-9811
CVE-Crit: MEDIUM
CVE-DESC: The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (read out of range) via a created ico file.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-9812
CVE-Crit: HIGH
CVE-DESC: The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (read out of range) via a partition that is too small.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-9813
CVE-Crit: MEDIUM
CVE-DESC: The _parse_pat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (null pointer dereference and failure) via a crafted file.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-9446
CVE-Crit: HIGH
CVE-DESC: the vmnc decoder in gstreamer does not initialize the render canvas, allowing remote attackers to obtain sensitive information, as demonstrated by creating thumbnails of a simple 1-frame vmnc movie that is not rendered on a dedicated render canvas.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2017-5837
CVE-Crit: MEDIUM
CVE-DESC: The gst_riff_create_audio_caps function in gst-libs / gst / riff / riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted video file.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2017-5838
CVE-Crit: HIGH
CVE-DESC: The gst_date_time_new_from_iso8601_string function in gst / gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (reading from an out-of-bounds heap) via an incorrectly generated date and time string.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2017-5839
CVE-Crit: HIGH
CVE-DESC: The gst_riff_create_audio_caps function in gst-libs / gst / riff / riff-media.c in gst-plugins-base in GStreamer before 1.10.3 incorrectly limits recursion, allowing remote attackers to cause a denial of service ( stack overflow and crash) via vectors that include a nested WAVEFORMATEX.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2017-5841
CVE-Crit: HIGH
CVE-DESC: The gst_avi_demux_parse_ncdt function in gst / avi / gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (read outside the heap) via vectors containing ncdt tags .
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2017-5842
CVE-Crit: MEDIUM
CVE-DESC: The html_context_handle_element function in gst / subparse / samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (write out of bounds) via a crafted SMI file, as shown in OneNote_Manager.smi.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2017-5843
CVE-Crit: HIGH
CVE-DESC: Multiple post-release exploitation vulnerabilities in functions (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks in GStreamer before 1.10.3 allow remote attackers to cause failure) in stream tag service vectors (failure), as shown in 02785736.mxf.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2017-5844
CVE-Crit: MEDIUM
CVE-DESC: The gst_riff_create_audio_caps function in gst-libs / gst / riff / riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2017-5845
CVE-Crit: HIGH
CVE-DESC: The gst_avi_demux_parse_ncdt function in gst / avi / gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and failure) via a nested ncdt tag that “goes after” the surrounding tag.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2017-5840
CVE-Crit: HIGH
CVE-DESC: The qtdemux_parse_samples function in gst / isomp4 / qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (reads from the heap outside of bounds) via vectors that include the current stts index.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2017-5846
CVE-Crit: MEDIUM
CVE-DESC: The gst_asf_demux_process_ext_stream_props function in gst / asfdemux / gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.10.3 allows remote attackers to cause denial of service (invalid memory reads and crashes) via vectors related to the number of languages in a video file.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2017-5848
CVE-Crit: HIGH
CVE-DESC: The gst_ps_demux_parse_psm function in gst / mpegdemux / gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory reads and failure) via vectors that include PSM parsing.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2017-5847
CVE-Crit: HIGH
CVE-DESC: The gst_asf_demux_process_ext_content_desc function in gst / asfdemux / gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (read heap outside of bounds) via vectors that include extended content descriptors.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2019-9928
CVE-Crit: HIGH
CVE-DESC: GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection analyzer via a crafted response from the server, potentially allowing remote code execution.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2021-3497
CVE-Crit: HIGH
CVE-DESC: GStreamer before 1.18.4 could access already freed memory in error code paths when demultiplexing certain corrupted Matroska files.
CVE-STATUS: default
CVE-REV: default
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.6 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.033 Low
EPSS
Percentile
91.2%