rpm package
suse/gstreamer-0_10-plugins-base&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2
pkg:rpm/suse/gstreamer-0_10-plugins-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-9928 | — | < 0.10.36-18.3.2 | 0.10.36-18.3.2 | Apr 24, 2019 | GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution. | ||
| CVE-2017-5844 | Med | 5.5 | < 0.10.36-17.13 | 0.10.36-17.13 | Feb 9, 2017 | The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file. | |
| CVE-2017-5837 | Med | 5.5 | < 0.10.36-17.13 | 0.10.36-17.13 | Feb 9, 2017 | The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted video file. | |
| CVE-2016-9811 | Med | 4.7 | < 0.10.36-14.1 | 0.10.36-14.1 | Jan 13, 2017 | The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file. |
- CVE-2019-9928Apr 24, 2019affected < 0.10.36-18.3.2fixed 0.10.36-18.3.2
GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.
- affected < 0.10.36-17.13fixed 0.10.36-17.13
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file.
- affected < 0.10.36-17.13fixed 0.10.36-17.13
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted video file.
- affected < 0.10.36-14.1fixed 0.10.36-14.1
The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.