Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-5843

Опубликовано: 19 янв. 2017
Источник: redhat
CVSS3: 2.5
EPSS Низкий

Описание

Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service (crash) via vectors involving stream tags, as demonstrated by 02785736.mxf.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6gstreamer-plugins-bad-freeWill not fix
Red Hat Enterprise Virtualization 3mingw-virt-viewerWill not fix
Red Hat Enterprise Linux 7clutter-gst2FixedRHSA-2017:206001.08.2017
Red Hat Enterprise Linux 7gnome-video-effectsFixedRHSA-2017:206001.08.2017
Red Hat Enterprise Linux 7gstreamer1FixedRHSA-2017:206001.08.2017
Red Hat Enterprise Linux 7gstreamer1-plugins-bad-freeFixedRHSA-2017:206001.08.2017
Red Hat Enterprise Linux 7gstreamer1-plugins-baseFixedRHSA-2017:206001.08.2017
Red Hat Enterprise Linux 7gstreamer1-plugins-goodFixedRHSA-2017:206001.08.2017
Red Hat Enterprise Linux 7gstreamer-plugins-bad-freeFixedRHSA-2017:206001.08.2017
Red Hat Enterprise Linux 7gstreamer-plugins-goodFixedRHSA-2017:206001.08.2017

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=1419592gstreamer-plugins-bad-free: Use after free in gst_mini_object_unref / gst_tag_list_unref / gst_mxf_demux_update_essence_tracks

EPSS

Процентиль: 91%
0.0655
Низкий

2.5 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-5843

CVSS3: 7.5
ubuntu
почти 9 лет назад

Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service (crash) via vectors involving stream tags, as demonstrated by 02785736.mxf.

nvd логотип

CVE-2017-5843

CVSS3: 7.5
nvd
почти 9 лет назад

Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service (crash) via vectors involving stream tags, as demonstrated by 02785736.mxf.

debian логотип

CVE-2017-5843

CVSS3: 7.5
debian
почти 9 лет назад

Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unr ...

github логотип

GHSA-xqgw-4rjf-hj4w

CVSS3: 7.5
github
больше 3 лет назад

Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service (crash) via vectors involving stream tags, as demonstrated by 02785736.mxf.

suse-cvrf логотип

openSUSE-SU-2017:1032-1

suse-cvrf
почти 9 лет назад

Security update for gstreamer-plugins-bad

EPSS

Процентиль: 91%
0.0655
Низкий

2.5 Low

CVSS3