Описание
The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted SMI file, as demonstrated by OneNote_Manager.smi.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [code not present]] |
| precise | not-affected | code not present |
| precise/esm | DNE | precise was not-affected [code not present] |
| trusty | not-affected | code not present |
| trusty/esm | DNE | trusty was not-affected [code not present] |
| upstream | needed | |
| vivid/stable-phone-overlay | not-affected | code not present |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.10.3-1ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1.2.4-1~ubuntu2.1]] |
| esm-infra/xenial | released | 1.8.3-1ubuntu0.2 |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | released | 1.2.4-1~ubuntu2.1 |
| trusty/esm | DNE | trusty was released [1.2.4-1~ubuntu2.1] |
| upstream | released | 1.10.3-1 |
| vivid/stable-phone-overlay | ignored | end of life |
| vivid/ubuntu-core | DNE |
Показывать по
4.3 Medium
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted SMI file, as demonstrated by OneNote_Manager.smi.
The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted SMI file, as demonstrated by OneNote_Manager.smi.
The html_context_handle_element function in gst/subparse/samiparse.c i ...
The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted SMI file, as demonstrated by OneNote_Manager.smi.
4.3 Medium
CVSS2
5.5 Medium
CVSS3