RLSA-2026:6259 Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer:...

RockyLinux 9 : gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free (RLSA-2026:6300)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:6300 advisory. GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer: GStreamer: Remote Code Execution via heap-based buffer...

AlmaLinux 9 : gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free (ALSA-2026:6300)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:6300 advisory. GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer: GStreamer: Remote Code Execution via heap-based buffer...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the processing of stream headers within ASF files due to improper validation of the length of user-supplied data before copying it to a fixed-length heap-based buffer. An attacker can achieve arbitrary code...

CVE-2026-31808

file-type detects the file type of a file, stream, or data. Prior to 21.3.1, a denial of service vulnerability exists in the ASF WMV/WMA file type detection parser. When parsing a crafted input where an ASF sub-header has a size field of zero, the parser enters an infinite loop. The payload value...

EUVD-2017-9265

Malware in sbrugna...

EUVD-2011-3582

Malware in sbrugna...

EUVD-2012-5280

Malware in sbrugna...

EUVD-2017-9368

Malware in sbrugna...

EUVD-2013-1944

Malware in sbrugna...

EUVD-2006-1506

Malware in sbrugna...

RHEL 6 : exempi (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - exempi: Use after free via a PDF file containing JPEG data CVE-2017-18234 - An issue was discovered in...

Oracle Linux 7 : GStreamer (ELSA-2017-2060)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-2060 advisory. clutter-gst2 2.0.18-1 - Update to 2.0.18 - Remove obsolete patches - Use license macro for COPYING - Resolves: 1386833 gnome-video-effects 0.4.3-1 -...

SUSE CVE-2014-1684

The ASFReadObjectfileproperties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service divide-by-zero error and crash via a zero minimum and maximum data packet size in an ASF file...

VLC < 2.1.3 DoS Vulnerability

An exploitable denial of service vulnerability exists in ASFReadObjectfileproperties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3. Allows remote attackers to cause a denial of service divide-by-zero error and crash via a zero minimum and...

Microsoft Media Foundation IMFASFSplitter::Initialize Code Execution Vulnerability

Summary An exploitable type confusion vulnerability exists in the mfasfsrcsnk.dll of Microsoft Media Foundation 10.0.18362.207. A specially crafted ASF file can cause type confusion, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the...

Denial Of Service (DoS)

FFMPEG is vulnerable to denial of service. It allows an attacker to submit a malicious ASF file to asfo format demuxer , overrunning the buffer length size it can handle, causing a denial of service or potentially allowing the attacker to execute arbitrary code...

openSUSE Security Update : exempi (openSUSE-2018-1022)

This update for exempi fixes the following security issue : - CVE-2017-18236: The ASFSupport::ReadHeaderObject function allowed remote attackers to cause a denial of service infinite loop via a crafted .asf file bsc1085589 - CVE-2017-18233: Prevent integer overflow in the Chunk class that allowed...

Denial Of Service (DoS)

libgstreamer-0.10.so is vulnerable to denial of service. A remote attacker is able to produce a floating point exception in the gstriffcreateaudiocaps function in gst-libs/gst/riff/riff-media.c and cause the application to crash via a crafted ASF file...

Ffmpeg Buffer Overflow Vulnerability (CNVD-2018-14213)

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. asfo format demuxer is one of the video and audio separators. A buffer overflow vulnerability exists in asfo format demuxer in versions prior to FFmpeg commit...