12 matches found
Updated gstreamer0.10-plugins-bad/gstreamer1.0-plugins-bad packages fix security vulnerability
Chris Evans discovered that the GStreamer plugin to decode VMware screen capture files allowed the execution of arbitrary code CVE-2016-9445, CVE-2016-9446. Chris Evans discovered that the GStreamer 0.10 plugin to decode NES Sound Format files allowed the execution of arbitrary code CVE-2016-9447...
Debian DLA-712-1 : gst-plugins-bad0.10 security update
CVE-2016-9445 CVE-2016-9446 Chris Evans discovered that the GStreamer plugin to decode VMware screen capture files allowed the execution of arbitrary code. He also found that an initialized buffer may lead into memory disclosure. CVE-2016-9447 Chris Evans discovered that the GStreamer 0.10 plugin...
[SECURITY] [DSA 3713-1] gst-plugins-bad0.10 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3713-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 15, 2016 https://www.debian.org/security/faq -...
DSA-3713-1 gst-plugins-bad0.10 - security update
Bulletin has no description...
Debian Security Advisory DSA 3713-1 (gst-plugins-bad0.10 - security update)
Chris Evans discovered that the GStreamer 0.10 plugin to decode NES Sound Format files allowed the execution of arbitrary code. Further details can be found in his advisory at http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html . OpenVAS Vulnerability Test...
Debian DSA-1586-1 : xine-lib - multiple vulnerabilities
Multiple vulnerabilities have been discovered in xine-lib, a library which supplies most of the application functionality of the xine multimedia player. The Common Vulnerabilities and Exposures project identifies the following three problems : - CVE-2008-1482 Integer overflow vulnerabilities exis...
xine-lib NES Sound Format Demuxer Buffer Overflow
Hi there Original advisory: http://milw0rm.com/exploits/5458 There's another stack-based buffer overflow in demuxnfs.c line 111: this-copyright = strdup&header0x4E; line 189: char copyright100; line 208: sprintfcopyright, "C s", this-copyright; Regards Laurent Gaffi...
xinelib-overflow.txt
xine-lib title = strdup&header0x0E; demuxnsfsendchunk: 122: char title100; 162: sprintftitle, "%s, song %d/%d", this-title, this-currentsong, this-totalsongs; - Affected applications http://xinehq.de/index.php/releases - PoC perl -e 'print "\x4E\x45\x53\x4D\x1A\x01\x01\x01\x80\x80\x18\x8A\x03\x8A...
xine-lib <= 1.1.12 NSF demuxer Stack Overflow Vulnerability PoC
No description provided by source. xine-lib = 1.1.12 is prone to a stack-based buffer overflow in the NES Sound Format demuxerdemuxnsf.c. - Code opennsffile: 109: this-title = strdup&header0x0E; demuxnsfsendchunk: 122: char title100; 162: sprintftitle, "%s, song %d/%d", this-title,...
xine-lib <= 1.1.12 NSF demuxer Stack Overflow Vulnerability PoC
Exploit for linux platform in category dos / poc =============================================================== xine-lib title = strdup&header0x0E; demuxnsfsendchunk: 122: char title100; 162: sprintftitle, "%s, song %d/%d", this-title, this-currentsong, this-totalsongs; - Affected applications...
Xine-Lib 1.1.12 - NSF demuxer Stack Overflow (PoC)
xine-lib title = strdup&header0x0E; demuxnsfsendchunk: 122: char title100; 162: sprintftitle, "%s, song %d/%d", this-title, this-currentsong, this-totalsongs; - Affected applications http://xinehq.de/index.php/releases - PoC perl -e 'print "\x4E\x45\x53\x4D\x1A\x01\x01\x01\x80\x80\x18\x8A\x03\x8A...
Xine-Lib 1.1.12 - NSF demuxer Stack Overflow (PoC)
Xine-Lib 1.1.12 - NSF demuxer Stack Overflow PoC xine-lib title = strdup&header0x0E; demuxnsfsendchunk: 122: char title100; 162: sprintftitle, "%s, song %d/%d", this-title, this-currentsong, this-totalsongs; - Affected applications http://xinehq.de/index.php/releases - PoC perl -e 'print...