VDB

GCVE-110-MAGEIA-2016-424

GCVE-110-MAGEIA-2016-424
Advisory Published
Vulnetix · Advisory published December 29, 2016
Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application (CVE-2016-9634, CVE-2016-9635, CVE-2016-9636, CVE-2016-9808). An invalid memory read access flaw was found in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash (CVE-2016-9807, CVE-2016-9810). Note that CVE-2016-9810 only affected gstreamer1.0-plugins-good.

Affected Products

VendorProductVersionsPlatforms
Mageiagstreamer1.0-plugins-good0 (affected), 1.4.3-2.1.mga5 (unaffected)
Mageiagstreamer0.10-plugins-good0 (affected), 0.10.31-9.1.mga5 (unaffected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›