Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-9634

Опубликовано: 27 янв. 2017
Источник: debian
EPSS Средний

Описание

Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
gst-plugins-good1.0fixed1.10.1-2package
gst-plugins-good0.10removedpackage

Примечания

  • https://scarybeastsecurity.blogspot.ch/2016/11/0day-exploit-advancing-exploitation.html

  • https://bugzilla.gnome.org/show_bug.cgi?id=774834

  • Fixed by: https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=bf43f44fcfada5ec4a3ce60cb374340486fe9fac

  • Fixed by: https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=fec77de8cbb0c8192b77aff2e563705ba421f2f2

  • Fixed by (later followed up): https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=45dcd0b9ccf33ed85cdafeb871a3781f5be57fd9

  • Fixed by (later followed up): https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=153a8ae752c90d07190ef45803422a4f71ea8bff

EPSS

Процентиль: 95%
0.2046
Средний

Связанные уязвимости

ubuntu логотип

CVE-2016-9634

CVSS3: 9.8
ubuntu
больше 8 лет назад

Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.

redhat логотип

CVE-2016-9634

CVSS3: 7.5
redhat
больше 8 лет назад

Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.

nvd логотип

CVE-2016-9634

CVSS3: 9.8
nvd
больше 8 лет назад

Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.

github логотип

GHSA-fp84-6752-h29x

CVSS3: 9.8
github
больше 3 лет назад

Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.

oracle-oval логотип

ELSA-2017-0020

oracle-oval
больше 8 лет назад

ELSA-2017-0020: gstreamer1-plugins-good security update (MODERATE)

EPSS

Процентиль: 95%
0.2046
Средний