High severity7.5NVD Advisory· Published Feb 9, 2017· Updated Jun 17, 2026
CVE-2017-5847
CVE-2017-5847
Description
The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- osv-coords3 versionspkg:rpm/opensuse/gstreamer&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/gstreamer-plugins-bad&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/gstreamer-plugins-ugly&distro=openSUSE%20Tumbleweed
< 1.18.5-2.1+ 2 more
- (no CPE)range: < 1.18.5-2.1
- (no CPE)range: < 1.18.5-2.1
- (no CPE)range: < 1.18.5-2.1
Patches
Vulnerability mechanics
References
8- www.openwall.com/lists/oss-security/2017/02/02/9nvdMailing ListPatchThird Party Advisory
- github.com/GStreamer/gst-plugins-ugly/commit/d21017b52a585f145e8d62781bcc1c5fefc7ee37nvdPatchThird Party Advisory
- www.debian.org/security/2017/dsa-3821nvdThird Party Advisory
- www.openwall.com/lists/oss-security/2017/02/01/7nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/96001nvdThird Party AdvisoryVDB Entry
- bugzilla.gnome.org/show_bug.cginvdIssue TrackingThird Party Advisory
- lists.debian.org/debian-lts-announce/2020/05/msg00030.htmlnvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/201705-10nvdThird Party Advisory
News mentions
0No linked articles in our index yet.