Showing 1 - 3 of 3

CVE-2017-5839

Status Candidate

Overview

The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stack overflow and crash) via vectors involving nested WAVEFORMATEX.

Related Files

Red Hat Security Advisory 2017-2060-01: Posted Aug 2, 2017; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2017-2060-01 - GStreamer is a streaming media framework based on graphs of filters which operate on media data. The following packages have been upgraded to a later upstream version: clutter-gst2, gnome-video-effects, gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, orc. Security Fix: Multiple flaws were found in gstreamer1, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-bad-free packages. An attacker could potentially use these flaws to crash applications which use the GStreamer framework.; tags | advisory; systems | linux, redhat; advisories | CVE-2016-10198, CVE-2016-10199, CVE-2016-9446, CVE-2016-9810, CVE-2016-9811, CVE-2017-5837, CVE-2017-5838, CVE-2017-5839, CVE-2017-5840, CVE-2017-5841, CVE-2017-5842, CVE-2017-5843, CVE-2017-5844, CVE-2017-5845, CVE-2017-5848; SHA-256 | ca725469c0ec4815e1125cf56a6ad446fb61c6b805739b0077ed192033398399; Download | Favorite | View

Gentoo Linux Security Advisory 201705-10: Posted May 18, 2017; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201705-10 - Multiple vulnerabilities have been found in various GStreamer plug-ins, the worst of which could lead to the execution of arbitrary code.; tags | advisory, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2016-10198, CVE-2016-10199, CVE-2016-9445, CVE-2016-9446, CVE-2016-9447, CVE-2016-9634, CVE-2016-9635, CVE-2016-9636, CVE-2016-9807, CVE-2016-9808, CVE-2016-9809, CVE-2016-9810, CVE-2016-9811, CVE-2016-9812, CVE-2016-9813, CVE-2017-5837, CVE-2017-5838, CVE-2017-5839, CVE-2017-5840, CVE-2017-5841, CVE-2017-5842, CVE-2017-5843, CVE-2017-5844, CVE-2017-5845, CVE-2017-5846, CVE-2017-5847, CVE-2017-5848; SHA-256 | d19fb23ad4b2fc831938cabf73b2d4c43a373684b58cd407603dc6b3dd74a9a7; Download | Favorite | View

Ubuntu Security Notice USN-3244-1: Posted Mar 28, 2017; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3244-1 - Hanno Boeck discovered that GStreamer Base Plugins did not correctly handle certain malformed media files. If a user were tricked into opening a crafted media file with a GStreamer application, an attacker could cause a denial of service via application crash.; tags | advisory, denial of service; systems | linux, ubuntu; advisories | CVE-2016-9811, CVE-2017-5837, CVE-2017-5839, CVE-2017-5842, CVE-2017-5844; SHA-256 | b40cdf288bb3cb69187341104e38e859e49e3de86d008f11c28e0eac8d5f3949; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 252 files
indoushka 165 files
Jay Turla 150 files
Ubuntu 71 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,119)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,136)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,775)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,828)
UNIX (9,454)
UnixWare (188)
Windows (6,766)
Other

CVE-2017-5839

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems