Описание
Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read.
An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A remote attacker could use this flaw to cause an application using GStreamer to crash.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | gstreamer-plugins-bad-free | Not affected | ||
| Red Hat Enterprise Virtualization 3 | mingw-virt-viewer | Will not fix | ||
| Red Hat Enterprise Linux 7 | gstreamer-plugins-bad-free | Fixed | RHSA-2017:0018 | 05.01.2017 |
| Red Hat Enterprise Linux 7 | gstreamer1-plugins-bad-free | Fixed | RHSA-2017:0021 | 05.01.2017 |
Показывать по
Дополнительная информация
Статус:
EPSS
3.1 Low
CVSS3
2.6 Low
CVSS2
Связанные уязвимости
Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read.
Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read.
Off-by-one error in the gst_h264_parse_set_caps function in GStreamer ...
EPSS
3.1 Low
CVSS3
2.6 Low
CVSS2