CVE-2016-9808

GStreamer CVE-2016-9808 affects the FLIC decoder in GStreamer prior to 1.10.2, enabling a remote attacker to trigger a denial-of-service via an out-of-bounds write using crafted skip/count pairs. Affected component: GStreamer FLIC decoder. Impact: crash / DoS. Remediation: upgrade to GStreamer 1....

CVE-2016-9812

The gstmpegtssectionnew function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service out-of-bounds read via a too small section...

CVE-2016-9808

The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service out-of-bounds write and crash via a crafted series of skip and count pairs...

CVE-2016-9808

The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service out-of-bounds write and crash via a crafted series of skip and count pairs...

CVE-2016-9812

CVE-2016-9812 affects the GStreamer mpegts decoder (gst_mpegts_section_new) where an out-of-bounds read can be triggered by a too-small section, leading to a denial of service. The vulnerability exists in GStreamer before version 1.10.2 and has been addressed in later releases (e.g., 1.10.2 and b...

CVE-2016-9810

The gstdecodechainfreeinternal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remote attackers to cause a denial of service invalid memory read and crash via an invalid file, which triggers an incorrect unref call...

CVE-2016-9808

The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service out-of-bounds write and crash via a crafted series of skip and count pairs...

CVE-2017-0391

A denial of service vulnerability in decoder/ihevcddecode.c in libhevc in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 6.0,...

UBUNTU-CVE-2017-0391

A denial of service vulnerability in decoder/ihevcddecode.c in libhevc in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 6.0,...

Information disclosure

An information disclosure vulnerability in the ih264d decoder in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions...

UBUNTU-CVE-2016-6773

An information disclosure vulnerability in the ih264d decoder in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions...

CVE-2016-6773

An information disclosure vulnerability in the ih264d decoder in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions...

CVE-2016-6773

An information disclosure vulnerability in the ih264d decoder in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions...

CVE-2016-6773

CVE-2016-6773 describes an information-disclosure vulnerability in the ih264d decoder of Mediaserver on Android (versions 6.0, 6.0.1, 7.0). A local malicious app could access data outside its permission levels due to Mediaserver’s handling in the ih264d component. The issue is categorized as Mode...

Security update for gstreamer-plugins-good (important)

This update for gstreamer-plugins-good fixes the following security issues: - CVE-2016-9807: Flic decoder invalid read could lead to crash. bsc1013655 - CVE-2016-9634: Flic out-of-bounds write could lead to code execution. bsc1012102 - CVE-2016-9635: Flic out-of-bounds write could lead to code...

gstreamer-plugins-good: Heap buffer overflow in FLIC decoder

Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

gstreamer-plugins-good: Heap buffer overflow in FLIC decoder

Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

gstreamer-plugins-good: Heap buffer overflow in FLIC decoder

Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

gstreamer-plugins-good: Heap buffer overflow in FLIC decoder

Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

gstreamer-plugins-bad-free: Integer overflow when allocating render buffer in VMnc decoder

An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the use...