ID CVE-2016-9809
Summary Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read.
References
Vulnerable Configurations
  • cpe:2.3:a:gstreamer:gstreamer:1.10.1
    cpe:2.3:a:gstreamer:gstreamer:1.10.1
CVSS
Base: 6.8 (as of 27-01-2017 - 10:30)
Impact:
Exploitability:
CWE CWE-125
CAPEC
  • Overread Buffers
    An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-152.NASL
    description This update for gstreamer-0_10-plugins-bad fixes the following issue : - CVE-2016-9809: Off by one read in gst_h264_parse_set_caps() (bsc#1013659)
    last seen 2017-10-29
    modified 2017-01-27
    plugin id 96823
    published 2017-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96823
    title openSUSE Security Update : gstreamer-0_10-plugins-bad (openSUSE-2017-152)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2017-0021.NASL
    description An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es) : * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) * Multiple flaws were discovered in GStreamer's H.264 and MPEG-TS plug-ins. A remote attacker could use these flaws to cause an application using GStreamer to crash. (CVE-2016-9809, CVE-2016-9812, CVE-2016-9813)
    last seen 2017-10-29
    modified 2017-01-23
    plugin id 96342
    published 2017-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96342
    title CentOS 7 : gstreamer1-plugins-bad-free (CESA-2017:0021)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2017-0018.NASL
    description From Red Hat Security Advisory 2017:0018 : An update for gstreamer-plugins-bad-free is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es) : * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) * A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) * An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9809) Note: This update removes the vulnerable Nintendo NSF plug-in.
    last seen 2017-10-29
    modified 2017-01-23
    plugin id 96326
    published 2017-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96326
    title Oracle Linux 7 : gstreamer-plugins-bad-free (ELSA-2017-0018)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20170105_GSTREAMER_PLUGINS_BAD_FREE_ON_SL7_X.NASL
    description Security Fix(es) : - An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) - A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) - An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9809) Note: This update removes the vulnerable Nintendo NSF plug-in.
    last seen 2017-10-29
    modified 2017-01-23
    plugin id 96332
    published 2017-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96332
    title Scientific Linux Security Update : gstreamer-plugins-bad-free on SL7.x x86_64
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1007.NASL
    description According to the versions of the gstreamer1-plugins-bad-free package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) - Multiple flaws were discovered in GStreamer's H.264 and MPEG-TS plug-ins. A remote attacker could use these flaws to cause an application using GStreamer to crash. (CVE-2016-9809, CVE-2016-9812, CVE-2016-9813) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2017-10-29
    modified 2017-05-04
    plugin id 99853
    published 2017-05-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99853
    title EulerOS 2.0 SP2 : gstreamer1-plugins-bad-free (EulerOS-SA-2017-1007)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-A3BC78DE2B.NASL
    description vmncdec: Sanity-check width/height before using it ---- Remove insecure nsf plugin (#1395126) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2017-10-29
    modified 2017-01-23
    plugin id 95902
    published 2016-12-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95902
    title Fedora 24 : gstreamer-plugins-bad-free (2016-a3bc78de2b)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20170105_GSTREAMER1_PLUGINS_BAD_FREE_ON_SL7_X.NASL
    description Security Fix(es) : - An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) - Multiple flaws were discovered in GStreamer's H.264 and MPEG-TS plug- ins. A remote attacker could use these flaws to cause an application using GStreamer to crash. (CVE-2016-9809, CVE-2016-9812, CVE-2016-9813)
    last seen 2017-10-29
    modified 2017-01-23
    plugin id 96330
    published 2017-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96330
    title Scientific Linux Security Update : gstreamer1-plugins-bad-free on SL7.x x86_64
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-0021.NASL
    description An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es) : * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) * Multiple flaws were discovered in GStreamer's H.264 and MPEG-TS plug-ins. A remote attacker could use these flaws to cause an application using GStreamer to crash. (CVE-2016-9809, CVE-2016-9812, CVE-2016-9813)
    last seen 2017-10-29
    modified 2017-01-23
    plugin id 96313
    published 2017-01-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96313
    title RHEL 7 : gstreamer1-plugins-bad-free (RHSA-2017:0021)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-9C63B652A8.NASL
    description vmncdec: Sanity-check width/height before using it Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2017-10-29
    modified 2017-01-23
    plugin id 95681
    published 2016-12-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95681
    title Fedora 25 : gstreamer-plugins-bad-free (2016-9c63b652a8)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-736.NASL
    description An out of bounds heap bug was found in the H264 parser in gst-plugins-bad0.10. For Debian 7 'Wheezy', these problems have been fixed in version 0.10.23-7.1+deb7u4. We recommend that you upgrade your gst-plugins-bad0.10 packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2017-10-29
    modified 2017-01-23
    plugin id 95635
    published 2016-12-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95635
    title Debian DLA-736-1 : gst-plugins-bad0.10 security update
  • NASL family Virtuozzo Local Security Checks
    NASL id VIRTUOZZO_VZLSA-2017-0018.NASL
    description An update for gstreamer-plugins-bad-free is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es) : * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) * A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) * An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9809) Note: This update removes the vulnerable Nintendo NSF plug-in. Note that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2017-10-29
    modified 2017-07-18
    plugin id 101401
    published 2017-07-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101401
    title Virtuozzo 7 : gstreamer-plugins-bad-free / etc (VZLSA-2017-0018)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1008.NASL
    description According to the versions of the gstreamer1-plugins-bad-free package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) - Multiple flaws were discovered in GStreamer's H.264 and MPEG-TS plug-ins. A remote attacker could use these flaws to cause an application using GStreamer to crash. (CVE-2016-9809, CVE-2016-9812, CVE-2016-9813) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2017-10-29
    modified 2017-05-04
    plugin id 99854
    published 2017-05-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99854
    title EulerOS 2.0 SP1 : gstreamer1-plugins-bad-free (EulerOS-SA-2017-1008)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3818.NASL
    description Hanno Boeck discovered multiple vulnerabilities in the GStreamer media framework and its codecs and demuxers, which may result in denial of service or the execution of arbitrary code if a malformed media file is opened.
    last seen 2017-10-29
    modified 2017-03-31
    plugin id 99004
    published 2017-03-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99004
    title Debian DSA-3818-1 : gst-plugins-bad1.0 - security update
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-0330-1.NASL
    description This update for gstreamer-0_10-plugins-bad fixes the following issue : - CVE-2016-9809: Off by one read in gst_h264_parse_set_caps() (bsc#1013659) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2017-10-29
    modified 2017-01-31
    plugin id 96901
    published 2017-01-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96901
    title SUSE SLED12 Security Update : gstreamer-0_10-plugins-bad (SUSE-SU-2017:0330-1)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201705-10.NASL
    description The remote host is affected by the vulnerability described in GLSA-201705-10 (GStreamer plug-ins: User-assisted execution of arbitrary code) Multiple vulnerabilities have been discovered in various GStreamer plug-ins. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user or automated system using a GStreamer plug-in to process a specially crafted file, resulting in the execution of arbitrary code or a Denial of Service. Workaround : There is no known workaround at this time.
    last seen 2017-10-29
    modified 2017-05-18
    plugin id 100263
    published 2017-05-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100263
    title GLSA-201705-10 : GStreamer plug-ins: User-assisted execution of arbitrary code
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-CA6CC3CE3E.NASL
    description Fix h264 and h265 parser size checks Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2017-10-29
    modified 2017-01-23
    plugin id 95687
    published 2016-12-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95687
    title Fedora 24 : gstreamer1-plugins-bad-free (2016-ca6cc3ce3e)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-208.NASL
    description This update for gstreamer-0_10-plugins-bad fixes the following issue : - CVE-2016-9809: Off by one read in gst_h264_parse_set_caps() (bsc#1013659) This update was imported from the SUSE:SLE-12-SP2:Update update project.
    last seen 2017-10-29
    modified 2017-02-06
    plugin id 97005
    published 2017-02-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97005
    title openSUSE Security Update : gstreamer-0_10-plugins-bad (openSUSE-2017-208)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-63.NASL
    description This update for gstreamer-plugins-bad fixes the following security issues, which would allow attackers able to submit media files for indexing to cause code execution or crashes : - Check an integer overflow (CVE-2016-9445) and initialize a buffer (CVE-2016-9446) in vmncdec. (bsc#1010829) - CVE-2016-9809: Ensure codec_data has the right size when reading number of SPS (bsc#1013659). - CVE-2016-9812: Add more section size checks (bsc#1013678). - CVE-2016-9813: fix PAT parsing (bsc#1013680). This update was imported from the SUSE:SLE-12-SP2:Update update project.
    last seen 2017-10-29
    modified 2017-01-23
    plugin id 96382
    published 2017-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96382
    title openSUSE Security Update : gstreamer-plugins-bad (openSUSE-2017-63)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-94.NASL
    description This update for gstreamer-plugins-bad fixes the following issues : - CVE-2016-9809: Off by one read in gst_h264_parse_set_caps() (bsc#1013659). - CVE-2016-9812: Out of bounds read in gst_mpegts_section_new (bsc#1013678). - CVE-2016-9813: mpegts parser: NULL pointer deref in _parse_pat (bsc#1013680).
    last seen 2017-10-29
    modified 2017-01-23
    plugin id 96558
    published 2017-01-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96558
    title openSUSE Security Update : gstreamer-plugins-bad (openSUSE-2017-94)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-3297-1.NASL
    description This update for gstreamer-plugins-bad fixes the following issues : - CVE-2016-9809: Malicious mkv/h264 file could cause an off by one out of bounds read and lead to crash (bsc#1013659) - CVE-2016-9812: Malicious mpeg file could cause invalid a NULL pointer access and lead to crash (bsc#1013678) - CVE-2016-9813: Malicious mpegts file could cause invalid a NULL pointer access and lead to crash (bsc#1013680) - CVE-2016-9445, CVE-2016-9446: Check an integer overflow and initialize a buffer in vmncdec (bsc#1010829) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2017-10-29
    modified 2017-01-23
    plugin id 96259
    published 2017-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96259
    title SUSE SLED12 / SLES12 Security Update : gstreamer-plugins-bad (SUSE-SU-2016:3297-1)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1009.NASL
    description According to the versions of the gstreamer-plugins-bad-free package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) - A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) - An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9809) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2017-10-29
    modified 2017-05-04
    plugin id 99855
    published 2017-05-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99855
    title EulerOS 2.0 SP2 : gstreamer-plugins-bad-free (EulerOS-SA-2017-1009)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1010.NASL
    description According to the versions of the gstreamer-plugins-bad-free packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) - A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) - An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9809) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2017-10-29
    modified 2017-05-04
    plugin id 99856
    published 2017-05-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99856
    title EulerOS 2.0 SP1 : gstreamer-plugins-bad-free (EulerOS-SA-2017-1010)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-85.NASL
    description This update for gstreamer-0_10-plugins-bad fixes the following issue : - CVE-2016-9809: Off by one read in gst_h264_parse_set_caps() (bsc#1013659)
    last seen 2017-10-29
    modified 2017-01-23
    plugin id 96551
    published 2017-01-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96551
    title openSUSE Security Update : gstreamer-0_10-plugins-bad (openSUSE-2017-85)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-84.NASL
    description This update for gstreamer-plugins-bad fixes the following issues : - CVE-2016-9809: Off by one read in gst_h264_parse_set_caps() (bsc#1013659). - CVE-2016-9812: Out of bounds read in gst_mpegts_section_new (bsc#1013678). - CVE-2016-9813: mpegts parser: NULL pointer deref in _parse_pat (bsc#1013680).
    last seen 2017-10-29
    modified 2017-01-23
    plugin id 96550
    published 2017-01-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96550
    title openSUSE Security Update : gstreamer-plugins-bad (openSUSE-2017-84)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-0331-1.NASL
    description gstreamer-0_10-plugins-bad was udpated to fix one issue. This security issue was fixed : - CVE-2016-9809: Off by one read in gst_h264_parse_set_caps() (bsc#1013659). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2017-10-29
    modified 2017-01-31
    plugin id 96902
    published 2017-01-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96902
    title SUSE SLED12 Security Update : gstreamer-0_10-plugins-bad (SUSE-SU-2017:0331-1)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2017-0018.NASL
    description An update for gstreamer-plugins-bad-free is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es) : * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) * A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) * An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9809) Note: This update removes the vulnerable Nintendo NSF plug-in.
    last seen 2017-10-29
    modified 2017-01-23
    plugin id 96339
    published 2017-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96339
    title CentOS 7 : gstreamer-plugins-bad-free (CESA-2017:0018)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-3296-1.NASL
    description This update for gstreamer-plugins-bad fixes the following security issues, which would allow attackers able to submit media files for indexing to cause code execution or crashes : - Check an integer overflow (CVE-2016-9445) and initialize a buffer (CVE-2016-9446) in vmncdec. (bsc#1010829) - CVE-2016-9809: Ensure codec_data has the right size when reading number of SPS (bsc#1013659). - CVE-2016-9812: Add more section size checks (bsc#1013678). - CVE-2016-9813: fix PAT parsing (bsc#1013680). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2017-10-29
    modified 2017-01-23
    plugin id 96258
    published 2017-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96258
    title SUSE SLED12 / SLES12 Security Update : gstreamer-plugins-bad (SUSE-SU-2016:3296-1)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2017-0021.NASL
    description From Red Hat Security Advisory 2017:0021 : An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es) : * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) * Multiple flaws were discovered in GStreamer's H.264 and MPEG-TS plug-ins. A remote attacker could use these flaws to cause an application using GStreamer to crash. (CVE-2016-9809, CVE-2016-9812, CVE-2016-9813)
    last seen 2017-10-29
    modified 2017-01-23
    plugin id 96329
    published 2017-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96329
    title Oracle Linux 7 : gstreamer1-plugins-bad-free (ELSA-2017-0021)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-0018.NASL
    description An update for gstreamer-plugins-bad-free is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es) : * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) * A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) * An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9809) Note: This update removes the vulnerable Nintendo NSF plug-in.
    last seen 2017-10-29
    modified 2017-01-23
    plugin id 96310
    published 2017-01-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96310
    title RHEL 7 : gstreamer-plugins-bad-free (RHSA-2017:0018)
  • NASL family Virtuozzo Local Security Checks
    NASL id VIRTUOZZO_VZLSA-2017-0021.NASL
    description An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es) : * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) * Multiple flaws were discovered in GStreamer's H.264 and MPEG-TS plug-ins. A remote attacker could use these flaws to cause an application using GStreamer to crash. (CVE-2016-9809, CVE-2016-9812, CVE-2016-9813) Note that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2017-10-29
    modified 2017-07-18
    plugin id 101404
    published 2017-07-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101404
    title Virtuozzo 7 : gstreamer1-plugins-bad-free / etc (VZLSA-2017-0021)
redhat via4
advisories
  • bugzilla
    id 1401880
    title CVE-2016-9809 gstreamer-plugins-bad-free: Off-by-one read in gst_h264_parse_set_caps
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhsa:tst:20140675001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhsa:tst:20140675002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20140675003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20140675004
    • OR
      • AND
        • comment gstreamer-plugins-bad-free is earlier than 0:0.10.23-22.el7_3
          oval oval:com.redhat.rhsa:tst:20170018009
        • comment gstreamer-plugins-bad-free is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20162974006
      • AND
        • comment gstreamer-plugins-bad-free-devel is earlier than 0:0.10.23-22.el7_3
          oval oval:com.redhat.rhsa:tst:20170018007
        • comment gstreamer-plugins-bad-free-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20162974008
      • AND
        • comment gstreamer-plugins-bad-free-devel-docs is earlier than 0:0.10.23-22.el7_3
          oval oval:com.redhat.rhsa:tst:20170018005
        • comment gstreamer-plugins-bad-free-devel-docs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20162974012
    rhsa
    id RHSA-2017:0018
    released 2017-01-05
    severity Moderate
    title RHSA-2017:0018: gstreamer-plugins-bad-free security update (Moderate)
  • rhsa
    id RHSA-2017:0021
rpms
  • gstreamer-plugins-bad-free-0:0.10.23-22.el7_3
  • gstreamer-plugins-bad-free-devel-0:0.10.23-22.el7_3
  • gstreamer-plugins-bad-free-devel-docs-0:0.10.23-22.el7_3
  • gstreamer1-plugins-bad-free-0:1.4.5-6.el7_3
  • gstreamer1-plugins-bad-free-devel-0:1.4.5-6.el7_3
refmap via4
bid 95147
confirm
debian DSA-3818
gentoo GLSA-201705-10
mlist
  • [oss-security] 20161201 gstreamer multiple issues
  • [oss-security] 20161204 Re: gstreamer multiple issues
Last major update 27-01-2017 - 12:12
Published 13-01-2017 - 11:59
Last modified 04-01-2018 - 21:31
Back to Top