ID CVE-2016-10199
Summary The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted tag value.
References
Vulnerable Configurations
  • cpe:2.3:a:gstreamer_project:gstreamer:1.10.2
    cpe:2.3:a:gstreamer_project:gstreamer:1.10.2
CVSS
Base: 5.0 (as of 10-02-2017 - 10:39)
Impact:
Exploitability:
CWE CWE-125
CAPEC
  • Overread Buffers
    An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-1004-1.NASL
    description This update for gstreamer-plugins-good fixes the following issues : - A crafted aac audio file could have caused an invalid read and thus corruption or denial of service (bsc#1024014, CVE-2016-10198) - A crafted mp4 file could have caused an invalid read and thus corruption or denial of service (bsc#1024017, CVE-2016-10199) - A crafted avi file could have caused an invalid read and thus corruption or denial of service (bsc#1024034, CVE-2017-5840) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2017-10-29
    modified 2017-04-14
    plugin id 99394
    published 2017-04-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99394
    title SUSE SLED12 / SLES12 Security Update : gstreamer-plugins-good (SUSE-SU-2017:1004-1)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20170802_GSTREAMER_ON_SL7_X.NASL
    description The following packages have been upgraded to a later upstream version: clutter-gst2 (2.0.18), gnome-video-effects (0.4.3), gstreamer1 (1.10.4), gstreamer1-plugins-bad-free (1.10.4), gstreamer1-plugins-base (1.10.4), gstreamer1-plugins-good (1.10.4), orc (0.4.26). Security Fix(es) : - Multiple flaws were found in gstreamer1, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-bad-free packages. An attacker could potentially use these flaws to crash applications which use the GStreamer framework. (CVE-2016-9446, CVE-2016-9810, CVE-2016-9811, CVE-2016-10198, CVE-2016-10199, CVE-2017-5837, CVE-2017-5838, CVE-2017-5839, CVE-2017-5840, CVE-2017-5841, CVE-2017-5842, CVE-2017-5843, CVE-2017-5844, CVE-2017-5845, CVE-2017-5848)
    last seen 2017-10-29
    modified 2017-08-22
    plugin id 102659
    published 2017-08-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102659
    title Scientific Linux Security Update : GStreamer on SL7.x x86_64
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201705-10.NASL
    description The remote host is affected by the vulnerability described in GLSA-201705-10 (GStreamer plug-ins: User-assisted execution of arbitrary code) Multiple vulnerabilities have been discovered in various GStreamer plug-ins. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user or automated system using a GStreamer plug-in to process a specially crafted file, resulting in the execution of arbitrary code or a Denial of Service. Workaround : There is no known workaround at this time.
    last seen 2017-10-29
    modified 2017-05-18
    plugin id 100263
    published 2017-05-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100263
    title GLSA-201705-10 : GStreamer plug-ins: User-assisted execution of arbitrary code
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-1FC4026D15.NASL
    description Security fix for CVE-2016-10199, CVE-2017-5845, CVE-2017-5840, CVE-2017-5841 - Downgrade to 1.10.3 as it is the latest stable release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2017-10-29
    modified 2017-02-21
    plugin id 97240
    published 2017-02-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97240
    title Fedora 25 : mingw-gstreamer1-plugins-good (2017-1fc4026d15)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-1010-1.NASL
    description This update for gstreamer-plugins-good fixes the following issues : - A crafted aac audio file could have caused an invalid read and thus corruption or denial of service (bsc#1024014, CVE-2016-10198) - A crafted mp4 file could have caused an invalid read and thus corruption or denial of service (bsc#1024017, CVE-2016-10199) - A crafted avi file could have caused an invalid read and thus corruption or denial of service (bsc#1024034, CVE-2017-5840) - A crafted AVI file with metadata tag entries (ncdt) could have caused invalid read access and thus corruption or denial of service (bsc#1024030, CVE-2017-5841) - A crafted avi file could have caused an invalid read access resulting in denial of service (bsc#1024062, CVE-2017-5845) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2017-10-29
    modified 2017-04-14
    plugin id 99396
    published 2017-04-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99396
    title SUSE SLED12 / SLES12 Security Update : gstreamer-plugins-good (SUSE-SU-2017:1010-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-2060.NASL
    description An update is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The following packages have been upgraded to a later upstream version: clutter-gst2 (2.0.18), gnome-video-effects (0.4.3), gstreamer1 (1.10.4), gstreamer1-plugins-bad-free (1.10.4), gstreamer1-plugins-base (1.10.4), gstreamer1-plugins-good (1.10.4), orc (0.4.26). Security Fix(es) : * Multiple flaws were found in gstreamer1, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-bad-free packages. An attacker could potentially use these flaws to crash applications which use the GStreamer framework. (CVE-2016-9446, CVE-2016-9810, CVE-2016-9811, CVE-2016-10198, CVE-2016-10199, CVE-2017-5837, CVE-2017-5838, CVE-2017-5839, CVE-2017-5840, CVE-2017-5841, CVE-2017-5842, CVE-2017-5843, CVE-2017-5844, CVE-2017-5845, CVE-2017-5848) Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.
    last seen 2017-10-29
    modified 2017-08-07
    plugin id 102150
    published 2017-08-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102150
    title RHEL 7 : GStreamer (RHSA-2017:2060)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3820.NASL
    description Hanno Boeck discovered multiple vulnerabilities in the GStreamer media framework and its codecs and demuxers, which may result in denial of service or the execution of arbitrary code if a malformed media file is opened.
    last seen 2017-10-29
    modified 2017-03-31
    plugin id 99006
    published 2017-03-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99006
    title Debian DSA-3820-1 : gst-plugins-good1.0 - security update
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-495.NASL
    description This update for gstreamer-plugins-good fixes the following issues : - A crafted aac audio file could have caused an invalid read and thus corruption or denial of service (bsc#1024014, CVE-2016-10198) - A crafted mp4 file could have caused an invalid read and thus corruption or denial of service (bsc#1024017, CVE-2016-10199) - A crafted avi file could have caused an invalid read and thus corruption or denial of service (bsc#1024034, CVE-2017-5840) - A crafted AVI file with metadata tag entries (ncdt) could have caused invalid read access and thus corruption or denial of service (bsc#1024030, CVE-2017-5841) - A crafted avi file could have caused an invalid read access resulting in denial of service (bsc#1024062, CVE-2017-5845)
    last seen 2017-10-29
    modified 2017-04-21
    plugin id 99560
    published 2017-04-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99560
    title openSUSE Security Update : gstreamer-plugins-good (openSUSE-2017-495)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3245-1.NASL
    description Hanno Bock discovered that GStreamer Good Plugins did not correctly handle certain malformed media files. If a user were tricked into opening a crafted media file with a GStreamer application, an attacker could cause a denial of service via application crash. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2017-10-29
    modified 2017-03-30
    plugin id 99024
    published 2017-03-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99024
    title Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : gst-plugins-good0.10, gst-plugins-good1.0 vulnerabilities (USN-3245-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-490.NASL
    description This update for gstreamer-plugins-good fixes the following issues : - A crafted aac audio file could have caused an invalid read and thus corruption or denial of service (bsc#1024014, CVE-2016-10198) - A crafted mp4 file could have caused an invalid read and thus corruption or denial of service (bsc#1024017, CVE-2016-10199) - A crafted avi file could have caused an invalid read and thus corruption or denial of service (bsc#1024034, CVE-2017-5840) - A crafted AVI file with metadata tag entries (ncdt) could have caused invalid read access and thus corruption or denial of service (bsc#1024030, CVE-2017-5841) - A crafted avi file could have caused an invalid read access resulting in denial of service (bsc#1024062, CVE-2017-5845) This update was imported from the SUSE:SLE-12-SP2:Update update project.
    last seen 2017-10-29
    modified 2017-04-20
    plugin id 99498
    published 2017-04-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99498
    title openSUSE Security Update : gstreamer-plugins-good (openSUSE-2017-490)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1205.NASL
    description According to the versions of the gstreamer packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in gstreamer1, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-bad-free packages. An attacker could potentially use these flaws to crash applications which use the GStreamer framework. (CVE-2016-9446, CVE-2016-9810, CVE-2016-9811, CVE-2016-10198, CVE-2016-10199, CVE-2017-5837, CVE-2017-5838, CVE-2017-5839, CVE-2017-5840, CVE-2017-5841, CVE-2017-5842, CVE-2017-5843, CVE-2017-5844, CVE-2017-5845, CVE-2017-5848) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-07-01
    modified 2018-06-29
    plugin id 103063
    published 2017-09-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103063
    title EulerOS 2.0 SP1 : gstreamer (EulerOS-SA-2017-1205)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1206.NASL
    description According to the versions of the gstreamer packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in gstreamer1, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-bad-free packages. An attacker could potentially use these flaws to crash applications which use the GStreamer framework. (CVE-2016-9446, CVE-2016-9810, CVE-2016-9811, CVE-2016-10198, CVE-2016-10199, CVE-2017-5837, CVE-2017-5838, CVE-2017-5839, CVE-2017-5840, CVE-2017-5841, CVE-2017-5842, CVE-2017-5843, CVE-2017-5844, CVE-2017-5845, CVE-2017-5848) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-07-04
    modified 2018-07-03
    plugin id 103064
    published 2017-09-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103064
    title EulerOS 2.0 SP2 : gstreamer (EulerOS-SA-2017-1206)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2017-2060.NASL
    description An update is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The following packages have been upgraded to a later upstream version: clutter-gst2 (2.0.18), gnome-video-effects (0.4.3), gstreamer1 (1.10.4), gstreamer1-plugins-bad-free (1.10.4), gstreamer1-plugins-base (1.10.4), gstreamer1-plugins-good (1.10.4), orc (0.4.26). Security Fix(es) : * Multiple flaws were found in gstreamer1, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-bad-free packages. An attacker could potentially use these flaws to crash applications which use the GStreamer framework. (CVE-2016-9446, CVE-2016-9810, CVE-2016-9811, CVE-2016-10198, CVE-2016-10199, CVE-2017-5837, CVE-2017-5838, CVE-2017-5839, CVE-2017-5840, CVE-2017-5841, CVE-2017-5842, CVE-2017-5843, CVE-2017-5844, CVE-2017-5845, CVE-2017-5848) Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.
    last seen 2018-07-04
    modified 2018-07-03
    plugin id 102752
    published 2017-08-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102752
    title CentOS 7 : clutter-gst2 / gnome-video-effects / gstreamer-plugins-bad-free / etcgstreamer1 / etc (CESA-2017:2060)
redhat via4
advisories
rhsa
id RHSA-2017:2060
rpms
  • orc-0:0.4.26-1.el7
  • orc-compiler-0:0.4.26-1.el7
  • orc-devel-0:0.4.26-1.el7
  • orc-doc-0:0.4.26-1.el7
  • gstreamer-plugins-good-0:0.10.31-13.el7
  • gstreamer-plugins-good-devel-docs-0:0.10.31-13.el7
  • gstreamer-plugins-bad-free-0:0.10.23-23.el7
  • gstreamer-plugins-bad-free-devel-0:0.10.23-23.el7
  • gstreamer-plugins-bad-free-devel-docs-0:0.10.23-23.el7
  • clutter-gst2-0:2.0.18-1.el7
  • clutter-gst2-devel-0:2.0.18-1.el7
  • gnome-video-effects-0:0.4.3-1.el7
  • gstreamer1-plugins-base-0:1.10.4-1.el7
  • gstreamer1-plugins-base-devel-0:1.10.4-1.el7
  • gstreamer1-plugins-base-devel-docs-0:1.10.4-1.el7
  • gstreamer1-plugins-base-tools-0:1.10.4-1.el7
  • gstreamer1-0:1.10.4-2.el7
  • gstreamer1-devel-0:1.10.4-2.el7
  • gstreamer1-devel-docs-0:1.10.4-2.el7
  • gstreamer1-plugins-good-0:1.10.4-2.el7
  • gstreamer1-plugins-bad-free-0:1.10.4-2.el7
  • gstreamer1-plugins-bad-free-devel-0:1.10.4-2.el7
  • gstreamer1-plugins-bad-free-gtk-0:1.10.4-2.el7
refmap via4
bid 96001
confirm
debian DSA-3820
gentoo GLSA-201705-10
mlist
  • [oss-security] 20170201 Multiple memory access issues in gstreamer
  • [oss-security] 20170202 Re: Multiple memory access issues in gstreamer
Last major update 13-02-2017 - 14:47
Published 09-02-2017 - 10:59
Last modified 04-01-2018 - 21:30
Back to Top