GStreamer gst-plugins-good denial of service vulnerability (CNVD-2017-01451)

GStreamer is a set of frameworks for handling streaming media. A denial-of-service vulnerability in the gstavidemuxparsencdt function in gst/avi/gstavidemux.c in GStreamer gst-plugins-good allows remote attackers to cause a denial of service out-of-bounds heap read...

GStreamer html_context_handle_element function denial of service vulnerability

GStreamer is an open source multimedia framework. GStreamer has a security vulnerability in the gst-plugins-base/gst/subparse/samiparse.c/htmlcontexthandleelement function, which causes a denial of service for remote attackers...

GStreamer gst-plugins-base denial of service vulnerability (CNVD-2017-01449)

GStreamer is a set of frameworks for handling streaming media. A denial of service vulnerability exists in GStreamer gst-plugins-base, which allows remote attackers to cause a denial of service stack overflow and crash via a nested WAVEFORMATEX vector...

DEBIAN-CVE-2017-5839

The gstriffcreateaudiocaps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service stack overflow and crash via vectors involving nested WAVEFORMATEX...

CVE-2017-5840

The qtdemuxparsesamples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service out-of-bounds heap read via vectors involving the current stts index...

CVE-2017-5837

The gstriffcreateaudiocaps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service floating point exception and crash via a crafted video file...

ALPINE-CVE-2017-5840

The qtdemuxparsesamples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service out-of-bounds heap read via vectors involving the current stts index...

Design/Logic Flaw

The gstriffcreateaudiocaps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service floating point exception and crash via a crafted video file...

Design/Logic Flaw

The qtdemuxparsesamples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service out-of-bounds heap read via vectors involving the current stts index...

DEBIAN-CVE-2016-10198

The gstaacparsesinksetcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service invalid memory read and crash via a crafted audio file...

CVE-2016-10199

The qtdemuxtagaddstrfull function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service out-of-bounds read and crash via a crafted tag value...

CVE-2017-5845

The gstavidemuxparsencdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service invalid memory read and crash via a ncdt sub-tag that "goes behind" the surrounding tag...

CVE-2017-5840

CVE-2017-5840 affects the GStreamer project, specifically the gst-plugins-good package. The vulnerability is in the qtdemux_parse_samples function (gst/isomp4/qtdemux.c) and can be triggered to cause an out-of-bounds heap read, leading to denial of service. The issue is exploitable via crafted me...

CVE-2017-5841

The CVE-2017-5841 entry affects the GStreamer project, specifically the gst-plugins-good component. It concerns the gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c and is exploitable via crafted audiovisual files to trigger an out-of-bounds heap read, causing a denial of service. Publi...

CVE-2017-5848

The CVE-2017-5848 entry affects GStreamer’s gst-plugins-bad suite, specifically the gst_ps_demux_parse_psm function in gst-mpegdemux/gstmpegdemux.c. Affected component: GStreamer plugins-bad. Root cause: remote parsing of PSM can lead to an invalid memory read, crashing the process and enabling a...

CVE-2017-5840

The qtdemuxparsesamples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service out-of-bounds heap read via vectors involving the current stts index...

CVE-2016-10199

The qtdemuxtagaddstrfull function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service out-of-bounds read and crash via a crafted tag value...

CVE-2016-10198

The gstaacparsesinksetcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service invalid memory read and crash via a crafted audio file...

CVE-2017-5845

The CVE-2017-5845 issue affects GStreamer gst-plugins-good prior to 1.10.3. The vulnerability is in the gst_avi_demux_parse_ncdt function, allowing remote attackers to trigger a denial of service (invalid memory read and crash) via a crafted ncdt sub-tag. Public advisories (Debian, Arch, Gentoo/C...

CVE-2017-5847

CVE-2017-5847 affects the GStreamer gst-plugins-ugly package, specifically the asfdemux element (gst_asf_demux_process_ext_content_desc in gst/asfdemux/gstasfdemux.c). The vulnerability allows a remote attacker to trigger a denial of service via an out-of-bounds heap read when processing extended...