gstreamer-plugins-good: Heap buffer overflow in FLIC decoder

Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

gstreamer-plugins-good: Heap buffer overflow in FLIC decoder

Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

gstreamer-plugins-good: Heap buffer overflow in FLIC decoder

Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

gstreamer-plugins-good: Heap buffer overflow in FLIC decoder

Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

gstreamer-plugins-bad-free: Integer overflow when allocating render buffer in VMnc decoder

An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the use...

gstreamer-plugins-bad-free: Memory corruption flaw in NSF decoder

A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

SUSE SLED12 / SLES12 Security Update : gstreamer-plugins-good (SUSE-SU-2016:3288-1)

This update for gstreamer-plugins-good fixes the following issues : - CVE-2016-9807: flic decoder invalid read could lead to crash bsc1013655 - CVE-2016-9634: flic out-of-bounds write could lead to code execution bsc1012102 - CVE-2016-9635: flic out-of-bounds write could lead to code execution...

GLSA-201612-55 : libjpeg-turbo: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201612-55 libjpeg-turbo: User-assisted execution of arbitrary code The accelerated Huffman decoder was previously invoked if there were 128 bytes in the input buffer. However, it is possible to construct a JPEG image with Huffman...

SUSE SLED12 / SLES12 Security Update : gstreamer-plugins-good (SUSE-SU-2016:3303-1)

This update for gstreamer-plugins-good fixes the following security issues : - CVE-2016-9807: Flic decoder invalid read could lead to crash. bsc1013655 - CVE-2016-9634: Flic out-of-bounds write could lead to code execution. bsc1012102 - CVE-2016-9635: Flic out-of-bounds write could lead to code...

SUSE-SU-2016:3303-1 Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following security issues: - CVE-2016-9807: Flic decoder invalid read could lead to crash. bsc1013655 - CVE-2016-9634: Flic out-of-bounds write could lead to code execution. bsc1012102 - CVE-2016-9635: Flic out-of-bounds write could lead to code...

ALPINE-CVE-2016-7122

The avireadnikon function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to infinite loop when it decodes an AVI file that has a crafted 'nctg' structure...

CVE-2016-9561

The checonfigure function in libavcodec/aacdectemplate.c in FFmpeg before 3.2.1 allows remote attackers to cause a denial of service allocation of huge memory, and being killed by the OS via a crafted MOV file...

Oracle Linux 6 : gstreamer-plugins-bad-free (ELSA-2016-2974)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-2974 advisory. 0.10.19-5 - vmncdec: Sanity-check width/height before using it Resolves: rhbz1400820 0.10.19-4 - Remove insecure NSF decoder Resolves: rhbz1400820...

gstreamer-plugins-good: Heap buffer overflow in FLIC decoder

Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

gstreamer-plugins-good: Heap buffer overflow in FLIC decoder

Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

gstreamer-plugins-bad-free: Integer overflow when allocating render buffer in VMnc decoder

An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the use...

gstreamer-plugins-bad-free security update

0.10.19-5 - vmncdec: Sanity-check width/height before using it Resolves: rhbz1400820 0.10.19-4 - Remove insecure NSF decoder Resolves: rhbz1400820...

Fedora 24 : gstreamer1-plugins-good (2016-3a45d79132)

Add fix for gstreamer FLIC decoder vulnerability Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

CVE-2016-9810

The gstdecodechainfreeinternal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remote attackers to cause a denial of service invalid memory read and crash via an invalid file, which triggers an incorrect unref call...

GStreamer FLIC Decoder Buffer Overflow Vulnerability

GStreamer is a multimedia framework for creating streaming applications in the GNOME desktop environment. A buffer overflow vulnerability exists in the GStreamer FLIC decoder function module, which can be exploited by an attacker to execute arbitrary code in the context of an affected application...