gstreamer-plugins-good: Invalid memory read in flx_decode_chunks

An invalid memory read access flaw was found in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash...

gstreamer-plugins-good: Invalid memory read in flx_decode_chunks

An invalid memory read access flaw was found in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash...

CVE-2016-9600

JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash...

Cross-site Scripting (XSS)

jquery-mobile is vulnerable to Cross-site Scripting XSS. The vulnerability exists because it decodes the username:password of location.href in the url without encoding them first...

Updated gstreamer0.10-plugins-good and gstreamer1.0-plugins-good packages fix security vulnerabilities

Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application CVE-2016-9634,...

Fedora 25 : botan (2016-3b59109c48)

Botan 1.10.14 - NOTE WELL: Botan 1.10.x is supported for security patches only until 2017-12-31 - Fix integer overflow during BER decoding, found by Falko Strenzke. This bug is not thought to be directly exploitable but upgrading ASAP is advised. CVE-2016-9132 - Fix two cases where in error...

Fedora 24 : botan (2016-7de64a450f)

Botan 1.10.14 - NOTE WELL: Botan 1.10.x is supported for security patches only until 2017-12-31 - Fix integer overflow during BER decoding, found by Falko Strenzke. This bug is not thought to be directly exploitable but upgrading ASAP is advised. CVE-2016-9132 - Fix two cases where in error...

CVE-2016-7502

The cavsidct8addc function in libavcodec/cavsdsp.c in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when decoding with cavsdecode...

CVE-2016-7502

The cavsidct8addc function in libavcodec/cavsdsp.c in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when decoding with cavsdecode...

UBUNTU-CVE-2016-7785

The avireadseek function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service assert fault via a crafted AVI file...

UBUNTU-CVE-2016-7122

The avireadnikon function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to infinite loop when it decodes an AVI file that has a crafted 'nctg' structure...

CVE-2016-9561

The checonfigure function in libavcodec/aacdectemplate.c in FFmpeg before 3.2.1 allows remote attackers to cause a denial of service allocation of huge memory, and being killed by the OS via a crafted MOV file...

Out-of-bounds

The fflog216bitc function in libavutil/intmath.h in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when it decodes a malformed AIFF file...

CVE-2016-7555

The avireadheader function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to memory leak when decoding an AVI file that has a crafted "strh" structure...

CVE-2016-7502

The cavsidct8addc function in libavcodec/cavsdsp.c in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when decoding with cavsdecode...

CVE-2016-7450

The fflog216bitc function in libavutil/intmath.h in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when it decodes a malformed AIFF file...

CVE-2016-7450

The fflog216bitc function in libavutil/intmath.h in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when it decodes a malformed AIFF file...

CVE-2016-7502

The cavsidct8addc function in libavcodec/cavsdsp.c in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when decoding with cavsdecode...

CVE-2016-7502

The cavsidct8addc function in libavcodec/cavsdsp.c in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when decoding with cavsdecode...

gstreamer-plugins-good: Heap buffer overflow in FLIC decoder

Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application...