Linux Distros Unpatched Vulnerability : CVE-2016-9446

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by...

RHEL 6 : gstreamer-plugins-bad-free (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - gstreamer-plugins-bad-free: Missing initialization of allocated heap memory leads to information leak CVE-2016-9446...

RHEL 7 : gstreamer-plugins-bad-free (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gstreamer: buffer overflow in gsth264sliceparsedecrefpicmarking CVE-2021-3185 - The vmnc decoder in the...

RHEL 6 : gstreamer-plugins-bad-free (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gstreamer-plugins-bad-free: Missing initialization of allocated heap memory leads to information leak...

RHEL 7 : gstreamer-plugins-bad-free (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gstreamer-plugins-bad-free: Off-by-one read in gsth264parsesetcaps CVE-2016-9809 - Integer overflow in th...

Debian: Security Advisory (DLA-712-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for mingw-gstreamer1-plugins-good (FEDORA-2021-ed54b1128a)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for mingw-gstreamer1 (FEDORA-2021-ed54b1128a)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE: Security Advisory (SUSE-SU-2016:3297-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated gstreamer0.10-plugins-bad/gstreamer1.0-plugins-bad packages fix security vulnerability

Chris Evans discovered that the GStreamer plugin to decode VMware screen capture files allowed the execution of arbitrary code CVE-2016-9445, CVE-2016-9446. Chris Evans discovered that the GStreamer 0.10 plugin to decode NES Sound Format files allowed the execution of arbitrary code CVE-2016-9447...

MGASA-2018-0012 Updated gstreamer0.10-plugins-bad/gstreamer1.0-plugins-bad packages fix security vulnerability

Chris Evans discovered that the GStreamer plugin to decode VMware screen capture files allowed the execution of arbitrary code CVE-2016-9445, CVE-2016-9446. Chris Evans discovered that the GStreamer 0.10 plugin to decode NES Sound Format files allowed the execution of arbitrary code CVE-2016-9447...

EulerOS 2.0 SP2 : gstreamer (EulerOS-SA-2017-1206)

According to the versions of the gstreamer packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in gstreamer1, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-bad-free packages. An...

EulerOS 2.0 SP1 : gstreamer (EulerOS-SA-2017-1205)

According to the versions of the gstreamer packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in gstreamer1, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-bad-free packages. An...

RHEL 7 : GStreamer (RHSA-2017:2060)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2060 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The following packages have been upgraded t...

Moderate: Red Hat Security Advisory: GStreamer security, bug fix, and enhancement update

An update is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links ...

UBUNTU-CVE-2016-9446

The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas...

CVE-2016-9446

The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas...

CVE-2016-9446

CVE-2016-9446 affects the GStreamer vmnc decoder. The vmnc decoder does not initialize the render canvas, enabling remote attackers to obtain sensitive information by thumbnailing a 1-frame vmnc movie that does not draw to the render canvas. Affected component: gstreamer vmnc decoding path. The d...

CVE-2016-9446

The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas...

openSUSE Security Update : gstreamer-plugins-bad (openSUSE-2017-63)

This update for gstreamer-plugins-bad fixes the following security issues, which would allow attackers able to submit media files for indexing to cause code execution or crashes : - Check an integer overflow CVE-2016-9445 and initialize a buffer CVE-2016-9446 in vmncdec. bsc1010829 - CVE-2016-980...