ID CVE-2016-9447
Summary The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds read or write) and possibly execute arbitrary code via a crafted NSF music file.
References
Vulnerable Configurations
  • GStreamer Project GStreamer 0.10.0
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.0
  • GStreamer Project GStreamer 0.10.1
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.1
  • GStreamer Project GStreamer 0.10.2
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.2
  • GStreamer Project GStreamer 0.10.3
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.3
  • GStreamer Project GStreamer 0.10.4
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.4
  • GStreamer Project GStreamer 0.10.5
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.5
  • GStreamer Project GStreamer 0.10.6
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.6
  • GStreamer Project GStreamer 0.10.7
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.7
  • GStreamer Project GStreamer 0.10.8
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.8
  • GStreamer Project GStreamer 0.10.9
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.9
  • GStreamer Project GStreamer 0.10.10
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.10
  • GStreamer Project GStreamer 0.10.11
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.11
  • GStreamer Project GStreamer 0.10.12
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.12
  • GStreamer Project GStreamer 0.10.13
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.13
  • GStreamer Project GStreamer 0.10.14
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.14
  • GStreamer Project GStreamer 0.10.15
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.15
  • GStreamer Project GStreamer 0.10.16
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.16
  • GStreamer Project GStreamer 0.10.17
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.17
  • GStreamer Project GStreamer 0.10.18
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.18
  • GStreamer Project GStreamer 0.10.19
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.19
  • GStreamer Project GStreamer 0.10.20
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.20
  • GStreamer Project GStreamer 0.10.21
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.21
  • GStreamer Project GStreamer 0.10.22
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.22
  • GStreamer Project GStreamer 0.10.23
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.23
  • GStreamer Project GStreamer 0.10.24
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.24
  • GStreamer Project GStreamer 0.10.25
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.25
  • GStreamer Project GStreamer 0.10.26
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.26
  • GStreamer Project GStreamer 0.10.27
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.27
  • GStreamer Project GStreamer 0.10.28
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.28
  • GStreamer Project GStreamer 0.10.29
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.29
  • GStreamer Project GStreamer 0.10.30
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.30
  • GStreamer Project GStreamer 0.10.31
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.31
  • GStreamer Project GStreamer 0.10.32
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.32
  • GStreamer Project GStreamer 0.10.33
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.33
  • GStreamer Project GStreamer 0.10.34
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.34
  • GStreamer Project GStreamer 0.10.35
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.35
  • GStreamer Project GStreamer 0.10.36
    cpe:2.3:a:gstreamer_project:gstreamer:0.10.36
CVSS
Base: 6.8 (as of 25-01-2017 - 23:12)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2016-2974.NASL
    description From Red Hat Security Advisory 2016:2974 : An update for gstreamer-plugins-bad-free is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es) : * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) * A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) Note: This updates removes the vulnerable Nintendo NSF plug-in.
    last seen 2019-02-21
    modified 2018-07-25
    plugin id 96066
    published 2016-12-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96066
    title Oracle Linux 6 : gstreamer-plugins-bad-free (ELSA-2016-2974)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201705-10.NASL
    description The remote host is affected by the vulnerability described in GLSA-201705-10 (GStreamer plug-ins: User-assisted execution of arbitrary code) Multiple vulnerabilities have been discovered in various GStreamer plug-ins. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user or automated system using a GStreamer plug-in to process a specially crafted file, resulting in the execution of arbitrary code or a Denial of Service. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2017-05-18
    plugin id 100263
    published 2017-05-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100263
    title GLSA-201705-10 : GStreamer plug-ins: User-assisted execution of arbitrary code
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20170105_GSTREAMER_PLUGINS_BAD_FREE_ON_SL7_X.NASL
    description Security Fix(es) : - An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) - A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) - An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9809) Note: This update removes the vulnerable Nintendo NSF plug-in.
    last seen 2019-02-21
    modified 2018-12-27
    plugin id 96332
    published 2017-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96332
    title Scientific Linux Security Update : gstreamer-plugins-bad-free on SL7.x x86_64
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2017-0018.NASL
    description From Red Hat Security Advisory 2017:0018 : An update for gstreamer-plugins-bad-free is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es) : * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) * A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) * An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9809) Note: This update removes the vulnerable Nintendo NSF plug-in.
    last seen 2019-02-21
    modified 2018-07-25
    plugin id 96326
    published 2017-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96326
    title Oracle Linux 7 : gstreamer-plugins-bad-free (ELSA-2017-0018)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-A3BC78DE2B.NASL
    description vmncdec: Sanity-check width/height before using it ---- Remove insecure nsf plugin (#1395126) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-01-23
    plugin id 95902
    published 2016-12-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95902
    title Fedora 24 : gstreamer-plugins-bad-free (2016-a3bc78de2b)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-FDEDFC86D0.NASL
    description Remove insecure nsf plugin (#1395126) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-01-30
    plugin id 95545
    published 2016-12-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95545
    title Fedora 25 : gstreamer-plugins-bad-free (2016-fdedfc86d0)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-64.NASL
    description This update for gstreamer-0_10-plugins-bad fixes the following issues : - CVE-2016-9445, CVE-2016-9446: Protection against buffer overflows (bsc#1010829) - CVE-2016-9447: Disable the nsf plugin (bsc#1010514) This update was imported from the SUSE:SLE-12-SP2:Update update project.
    last seen 2019-02-21
    modified 2017-01-31
    plugin id 96383
    published 2017-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96383
    title openSUSE Security Update : gstreamer-0_10-plugins-bad (openSUSE-2017-64)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1010.NASL
    description According to the versions of the gstreamer-plugins-bad-free packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) - A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) - An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9809) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-14
    plugin id 99856
    published 2017-05-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99856
    title EulerOS 2.0 SP1 : gstreamer-plugins-bad-free (EulerOS-SA-2017-1010)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2016-2974.NASL
    description An update for gstreamer-plugins-bad-free is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es) : * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) * A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) Note: This updates removes the vulnerable Nintendo NSF plug-in.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 96049
    published 2016-12-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96049
    title CentOS 6 : gstreamer-plugins-bad-free (CESA-2016:2974)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20161221_GSTREAMER_PLUGINS_BAD_FREE_ON_SL6_X.NASL
    description Security Fix(es) : - An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) - A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) Note: This updates removes the vulnerable Nintendo NSF plug-in.
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 96041
    published 2016-12-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96041
    title Scientific Linux Security Update : gstreamer-plugins-bad-free on SL6.x i386/x86_64
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-2974.NASL
    description An update for gstreamer-plugins-bad-free is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es) : * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) * A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) Note: This updates removes the vulnerable Nintendo NSF plug-in.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 96039
    published 2016-12-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96039
    title RHEL 6 : gstreamer-plugins-bad-free (RHSA-2016:2974)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-0027-1.NASL
    description This update for gstreamer-0_10-plugins-bad fixes the following issues : - CVE-2016-9445, CVE-2016-9446: Protection against buffer overflows (bsc#1010829) - CVE-2016-9447: Disable the nsf plugin (bsc#1010514) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-30
    plugin id 96334
    published 2017-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96334
    title SUSE SLED12 Security Update : gstreamer-0_10-plugins-bad (SUSE-SU-2017:0027-1)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1009.NASL
    description According to the versions of the gstreamer-plugins-bad-free package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) - A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) - An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9809) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-14
    plugin id 99855
    published 2017-05-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99855
    title EulerOS 2.0 SP2 : gstreamer-plugins-bad-free (EulerOS-SA-2017-1009)
  • NASL family Virtuozzo Local Security Checks
    NASL id VIRTUOZZO_VZLSA-2017-0018.NASL
    description An update for gstreamer-plugins-bad-free is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es) : * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) * A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) * An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9809) Note: This update removes the vulnerable Nintendo NSF plug-in. Note that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-20
    plugin id 101401
    published 2017-07-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101401
    title Virtuozzo 7 : gstreamer-plugins-bad-free / etc (VZLSA-2017-0018)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2017-0018.NASL
    description An update for gstreamer-plugins-bad-free is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es) : * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) * A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) * An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9809) Note: This update removes the vulnerable Nintendo NSF plug-in.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 96339
    published 2017-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96339
    title CentOS 7 : gstreamer-plugins-bad-free (CESA-2017:0018)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-0028-1.NASL
    description This update for gstreamer-0_10-plugins-bad fixes the following issues : - CVE-2016-9445, CVE-2016-9446: Protection against buffer overflows (bsc#1010829) - CVE-2016-9447: Disable the nsf plugin (bsc#1010514) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-30
    plugin id 96335
    published 2017-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96335
    title SUSE SLED12 Security Update : gstreamer-0_10-plugins-bad (SUSE-SU-2017:0028-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-712.NASL
    description CVE-2016-9445 CVE-2016-9446 Chris Evans discovered that the GStreamer plugin to decode VMware screen capture files allowed the execution of arbitrary code. He also found that an initialized buffer may lead into memory disclosure. CVE-2016-9447 Chris Evans discovered that the GStreamer 0.10 plugin to decode NES Sound Format files allowed the execution of arbitrary code. For Debian 7 'Wheezy', these problems have been fixed in version 0.10.23-7.1+deb7u3. We recommend that you upgrade your gst-plugins-bad0.10 packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-10
    plugin id 94983
    published 2016-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94983
    title Debian DLA-712-1 : gst-plugins-bad0.10 security update
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-0018.NASL
    description An update for gstreamer-plugins-bad-free is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es) : * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) * A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) * An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9809) Note: This update removes the vulnerable Nintendo NSF plug-in.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 96310
    published 2017-01-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96310
    title RHEL 7 : gstreamer-plugins-bad-free (RHSA-2017:0018)
redhat via4
advisories
  • bugzilla
    id 1395767
    title CVE-2016-9445 gstreamer-plugins-bad-free: Integer overflow when allocating render buffer in VMnc decoder
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment gstreamer-plugins-bad-free is earlier than 0:0.10.19-5.el6_8
          oval oval:com.redhat.rhsa:tst:20162974005
        • comment gstreamer-plugins-bad-free is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20162974006
      • AND
        • comment gstreamer-plugins-bad-free-devel is earlier than 0:0.10.19-5.el6_8
          oval oval:com.redhat.rhsa:tst:20162974007
        • comment gstreamer-plugins-bad-free-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20162974008
      • AND
        • comment gstreamer-plugins-bad-free-devel-docs is earlier than 0:0.10.19-5.el6_8
          oval oval:com.redhat.rhsa:tst:20162974011
        • comment gstreamer-plugins-bad-free-devel-docs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20162974012
      • AND
        • comment gstreamer-plugins-bad-free-extras is earlier than 0:0.10.19-5.el6_8
          oval oval:com.redhat.rhsa:tst:20162974009
        • comment gstreamer-plugins-bad-free-extras is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20162974010
    rhsa
    id RHSA-2016:2974
    released 2016-12-21
    severity Important
    title RHSA-2016:2974: gstreamer-plugins-bad-free security update (Important)
  • rhsa
    id RHSA-2017:0018
rpms
  • gstreamer-plugins-bad-free-0:0.10.19-5.el6_8
  • gstreamer-plugins-bad-free-devel-0:0.10.19-5.el6_8
  • gstreamer-plugins-bad-free-devel-docs-0:0.10.19-5.el6_8
  • gstreamer-plugins-bad-free-extras-0:0.10.19-5.el6_8
  • gstreamer-plugins-bad-free-0:0.10.23-22.el7_3
  • gstreamer-plugins-bad-free-devel-0:0.10.23-22.el7_3
  • gstreamer-plugins-bad-free-devel-docs-0:0.10.23-22.el7_3
refmap via4
bid 94427
gentoo GLSA-201705-10
misc http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html
mlist
  • [oss-security] 20161118 CVE Request: gstreamer plugins
  • [oss-security] 20161118 Re: CVE Request: gstreamer plugins
Last major update 26-01-2017 - 09:32
Published 23-01-2017 - 16:59
Last modified 04-01-2018 - 21:31
Back to Top