20 matches found
UBUNTU-CVE-2025-68617
FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 to before 2.5.2, a race condition during unloading of a DLS file can trigger a heap-based use-after-free. A concurrently running thread may be pending to unload a DLS file, leading to use of freed...
SUSE CVE-2016-9447
The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service out-of-bounds read or write and possibly execute arbitrary code via a crafted NSF music file...
Updated gstreamer0.10-plugins-bad/gstreamer1.0-plugins-bad packages fix security vulnerability
Chris Evans discovered that the GStreamer plugin to decode VMware screen capture files allowed the execution of arbitrary code CVE-2016-9445, CVE-2016-9446. Chris Evans discovered that the GStreamer 0.10 plugin to decode NES Sound Format files allowed the execution of arbitrary code CVE-2016-9447...
GNU Libextractor Denial of Service Vulnerability (CNVD-2018-00306)
GNU Libextractor is a set of libraries developed by the GNU Project for extracting metadata from files. A security vulnerability exists in GNU Libextractor version 1.6. A remote attacker can exploit this vulnerability to cause a denial of service null pointer backreference and application crash...
UBUNTU-CVE-2017-17440
GNU Libextractor 1.6 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted GIF, IT Impulse Tracker, NSFE, S3M Scream Tracker 3, SID, or XM eXtended Module file, as demonstrated by the EXTRACTORxmextractmethod function in...
DEBIAN-CVE-2017-17440
GNU Libextractor 1.6 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted GIF, IT Impulse Tracker, NSFE, S3M Scream Tracker 3, SID, or XM eXtended Module file, as demonstrated by the EXTRACTORxmextractmethod function in...
UBUNTU-CVE-2016-9447
The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service out-of-bounds read or write and possibly execute arbitrary code via a crafted NSF music file...
gstreamer-plugins-bad-free: Memory corruption flaw in NSF decoder
A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application...
Debian DLA-712-1 : gst-plugins-bad0.10 security update
CVE-2016-9445 CVE-2016-9446 Chris Evans discovered that the GStreamer plugin to decode VMware screen capture files allowed the execution of arbitrary code. He also found that an initialized buffer may lead into memory disclosure. CVE-2016-9447 Chris Evans discovered that the GStreamer 0.10 plugin...
[SECURITY] [DSA 3713-1] gst-plugins-bad0.10 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3713-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 15, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3713-1 (gst-plugins-bad0.10 - security update)
Chris Evans discovered that the GStreamer 0.10 plugin to decode NES Sound Format files allowed the execution of arbitrary code. Further details can be found in his advisory at http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html . OpenVAS Vulnerability Test...
DSA-3713-1 gst-plugins-bad0.10 - security update
Bulletin has no description...
Debian DSA-1586-1 : xine-lib - multiple vulnerabilities
Multiple vulnerabilities have been discovered in xine-lib, a library which supplies most of the application functionality of the xine multimedia player. The Common Vulnerabilities and Exposures project identifies the following three problems : - CVE-2008-1482 Integer overflow vulnerabilities exis...
xine-lib NES Sound Format Demuxer Buffer Overflow
Hi there Original advisory: http://milw0rm.com/exploits/5458 There's another stack-based buffer overflow in demuxnfs.c line 111: this-copyright = strdup&header0x4E; line 189: char copyright100; line 208: sprintfcopyright, "C s", this-copyright; Regards Laurent Gaffi...
xinelib-overflow.txt
xine-lib title = strdup&header0x0E; demuxnsfsendchunk: 122: char title100; 162: sprintftitle, "%s, song %d/%d", this-title, this-currentsong, this-totalsongs; - Affected applications http://xinehq.de/index.php/releases - PoC perl -e 'print "\x4E\x45\x53\x4D\x1A\x01\x01\x01\x80\x80\x18\x8A\x03\x8A...
xine-lib <= 1.1.12 NSF demuxer Stack Overflow Vulnerability PoC
No description provided by source. xine-lib = 1.1.12 is prone to a stack-based buffer overflow in the NES Sound Format demuxerdemuxnsf.c. - Code opennsffile: 109: this-title = strdup&header0x0E; demuxnsfsendchunk: 122: char title100; 162: sprintftitle, "%s, song %d/%d", this-title,...
Xine-Lib 1.1.12 - NSF demuxer Stack Overflow (PoC)
xine-lib title = strdup&header0x0E; demuxnsfsendchunk: 122: char title100; 162: sprintftitle, "%s, song %d/%d", this-title, this-currentsong, this-totalsongs; - Affected applications http://xinehq.de/index.php/releases - PoC perl -e 'print "\x4E\x45\x53\x4D\x1A\x01\x01\x01\x80\x80\x18\x8A\x03\x8A...
Xine-Lib 1.1.12 - NSF demuxer Stack Overflow (PoC)
Xine-Lib 1.1.12 - NSF demuxer Stack Overflow PoC xine-lib title = strdup&header0x0E; demuxnsfsendchunk: 122: char title100; 162: sprintftitle, "%s, song %d/%d", this-title, this-currentsong, this-totalsongs; - Affected applications http://xinehq.de/index.php/releases - PoC perl -e 'print...
xine-lib <= 1.1.12 NSF demuxer Stack Overflow Vulnerability PoC
Exploit for linux platform in category dos / poc =============================================================== xine-lib title = strdup&header0x0E; demuxnsfsendchunk: 122: char title100; 162: sprintftitle, "%s, song %d/%d", this-title, this-currentsong, this-totalsongs; - Affected applications...
libFlac / WinAMP multiple integer overflows
Multiple integer overflows on FLAC sound format parsing...