VYPR

rpm package

suse/gstreamer-plugins-good&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1

pkg:rpm/suse/gstreamer-plugins-good&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Vulnerabilities (9)

  • CVE-2017-5840HigFeb 9, 2017
    affected < 1.2.4-2.9.1fixed 1.2.4-2.9.1

    The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving the current stts index.

  • CVE-2016-10199HigFeb 9, 2017
    affected < 1.2.4-2.9.1fixed 1.2.4-2.9.1

    The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted tag value.

  • CVE-2016-10198MedFeb 9, 2017
    affected < 1.2.4-2.9.1fixed 1.2.4-2.9.1

    The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted audio file.

  • CVE-2016-9636CriJan 27, 2017
    affected < 1.2.4-2.3.1fixed 1.2.4-2.3.1

    Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond t

  • CVE-2016-9635CriJan 27, 2017
    affected < 1.2.4-2.3.1fixed 1.2.4-2.3.1

    Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond in

  • CVE-2016-9634CriJan 27, 2017
    affected < 1.2.4-2.3.1fixed 1.2.4-2.3.1

    Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.

  • CVE-2016-9810MedJan 13, 2017
    affected < 1.2.4-2.3.1fixed 1.2.4-2.3.1

    The gst_decode_chain_free_internal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via an invalid file, which triggers an incorrect unref call.

  • CVE-2016-9808HigJan 13, 2017
    affected < 1.2.4-2.3.1fixed 1.2.4-2.3.1

    The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via a crafted series of skip and count pairs.

  • CVE-2016-9807MedJan 13, 2017
    affected < 1.2.4-2.3.1fixed 1.2.4-2.3.1

    The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted FLIC file.