CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-9811

The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.3%

CVSS Severity

CVSS v3 Score 4.7

CVSS v2 Score 4.3

References

Products affected by CVE-2016-9811

Gstreamer » Gstreamer » Version: 1.10.1

cpe:2.3:a:gstreamer:gstreamer:1.10.1
Debian » Debian Linux » Version: 8.0

cpe:2.3:o:debian:debian_linux:8.0
Debian » Debian Linux » Version: 9.0

cpe:2.3:o:debian:debian_linux:9.0
Fedoraproject » Fedora » Version: 35

cpe:2.3:o:fedoraproject:fedora:35
Redhat » Enterprise Linux Desktop » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
Redhat » Enterprise Linux Eus » Version: 7.4

cpe:2.3:o:redhat:enterprise_linux_eus:7.4
Redhat » Enterprise Linux Eus » Version: 7.5

cpe:2.3:o:redhat:enterprise_linux_eus:7.5
Redhat » Enterprise Linux Eus » Version: 7.6

cpe:2.3:o:redhat:enterprise_linux_eus:7.6
Redhat » Enterprise Linux Eus » Version: 7.7

cpe:2.3:o:redhat:enterprise_linux_eus:7.7
Redhat » Enterprise Linux Server » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux_server:7.0
Redhat » Enterprise Linux Server Aus » Version: 7.4

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4
Redhat » Enterprise Linux Server Aus » Version: 7.6

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6
Redhat » Enterprise Linux Server Aus » Version: 7.7

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7
Redhat » Enterprise Linux Server Tus » Version: 7.6

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6
Redhat » Enterprise Linux Server Tus » Version: 7.7

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7
Redhat » Enterprise Linux Workstation » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-9811

Products

Pricing

Contact Us