CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2016-9808 – gstreamer-plugins-good: Heap buffer overflow in FLIC decoder
https://notcve.org/view.php?id=CVE-2016-9808
21 Dec 2016 — The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via a crafted series of skip and count pairs. El decodificador FLIC en GStreamer en versiones anteriores a 1.10.2 permite a atacantes remotos provocar una denegación de servicio (escritura fuera de límites y caída) a través de una serie manipulada de saltar y contar pares. Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attack... • http://rhn.redhat.com/errata/RHSA-2016-2975.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 1%CPEs: 1EXPL: 0CVE-2016-9807 – gstreamer-plugins-good: Invalid memory read in flx_decode_chunks
https://notcve.org/view.php?id=CVE-2016-9807
21 Dec 2016 — The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted FLIC file. La función flx_decode_chunks en gst/flx/gstflxdec.c en GStreamer en versiones anteriores a 1.10.2 permite a atacantes remotos provocar una denegación de servicio (lectura de memoria no válida y caída) a través de un archivo FLIC manipulado. An invalid memory read access flaw was found in GStreamer's FLC/FLI/FLX media fi... • http://rhn.redhat.com/errata/RHSA-2016-2975.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 1%CPEs: 37EXPL: 0CVE-2016-9447 – gstreamer-plugins-bad-free: Memory corruption flaw in NSF decoder
https://notcve.org/view.php?id=CVE-2016-9447
21 Dec 2016 — The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds read or write) and possibly execute arbitrary code via a crafted NSF music file. Los mapeos ROM en el decodificador NSF en gstreamer 0.10.x permiten a atacantes remotos provocar una denegación de servicio (lectura o escritura fuera de límites) y posiblemente ejecutar código arbitrario a través de un archivo de música NSF manipulado. A memory corruption flaw was found in GStreamer's Nint... • http://rhn.redhat.com/errata/RHSA-2016-2974.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 1CVE-2016-9634 – gstreamer-plugins-good: Heap buffer overflow in FLIC decoder
https://notcve.org/view.php?id=CVE-2016-9634
24 Nov 2016 — Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter. Desbordamiento de búfer basado en memoria dinámica en la función flx_decode_delta_fli en gst/flx/gstflxdec.c en el decoder FLIC en GStreamer en versiones anteriores a 1.10.2 permite a atacantes remotos ejecutar código arbitrario o provocar una deneg... • http://rhn.redhat.com/errata/RHSA-2016-2975.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 1CVE-2016-9635 – gstreamer-plugins-good: Heap buffer overflow in FLIC decoder
https://notcve.org/view.php?id=CVE-2016-9635
24 Nov 2016 — Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond initialized buffer. Desbordamiento de búfer basado en memoria dinámica en la función flx_decode_delta_fli en gst/flx/gstflxdec.c en el decoder FLIC en GStreamer en versiones anteriores a 1.10.2 permite a atacantes remotos ejecutar cód... • http://rhn.redhat.com/errata/RHSA-2016-2975.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 1CVE-2016-9636 – gstreamer-plugins-good: Heap buffer overflow in FLIC decoder
https://notcve.org/view.php?id=CVE-2016-9636
24 Nov 2016 — Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond the initialized buffer. Desbordamiento de búfer basado en memoria dinámica en la función flx_decode_delta_fli en gst/flx/gstflxdec.c en el decoder FLIC en GStreamer en versiones anteriores a 1.10.2 permite a atacantes remotos ejecuta... • http://rhn.redhat.com/errata/RHSA-2016-2975.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 40EXPL: 0CVE-2015-0797 – Mozilla: Buffer overflow parsing H.264 video with Linux Gstreamer (MFSA 2015-47)
https://notcve.org/view.php?id=CVE-2015-0797
16 Apr 2015 — GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file. GStreamer anterior a 1.4.5, utilizado en Mozilla Firefox anterior a 38.0, Firefox ESR 31.x anterior a 31.7, y Thunderbird anterior a 31.7 en Linux, permite a atacantes remotos causar una denegación de servi... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00017.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 3%CPEs: 2EXPL: 0CVE-2009-0586 – gstreamer-plugins-base: integer overflow in gst_vorbis_tag_add_coverart()
https://notcve.org/view.php?id=CVE-2009-0586
14 Mar 2009 — Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) before 0.10.23 in GStreamer allows context-dependent attackers to execute arbitrary code via a crafted COVERART tag that is converted from a base64 representation, which triggers a heap-based buffer overflow. Un desbordamiento de enteros en la función gst_vorbis_tag_add_coverart (archivo gst-libs/gst/tag/gstvorbistag.c) en vorbistag en gst-plugins-base ... • http://cgit.freedesktop.org/gstreamer/gst-plugins-base/commit/?id=566583e87147f774e7fc4c78b5f7e61d427e40a9 • CWE-190: Integer Overflow or Wraparound •