Shodan
Vulnerabilities
Vulnerable Software
Gstreamer Project:  >> Gstreamer  Security Vulnerabilities
CVE-2017-5844
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file.
CVSS Score
5.5
EPSS Score
0.008
Published
2017-02-09
CVE-2017-5845
The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a ncdt sub-tag that "goes behind" the surrounding tag.
CVSS Score
7.5
EPSS Score
0.025
Published
2017-02-09
CVE-2017-5846
The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors related to the number of languages in a video file.
CVSS Score
5.5
EPSS Score
0.007
Published
2017-02-09
CVE-2017-5847
The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors.
CVSS Score
7.5
EPSS Score
0.031
Published
2017-02-09
CVE-2017-5848
The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing.
CVSS Score
7.5
EPSS Score
0.055
Published
2017-02-09
CVE-2016-10198
The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted audio file.
CVSS Score
5.5
EPSS Score
0.017
Published
2017-02-09
CVE-2016-10199
The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted tag value.
CVSS Score
7.5
EPSS Score
0.052
Published
2017-02-09
CVE-2016-9445
Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of service (crash) via large width and height values, which triggers a buffer overflow.
CVSS Score
7.5
EPSS Score
0.024
Published
2017-01-23
CVE-2016-9446
The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas.
CVSS Score
7.5
EPSS Score
0.013
Published
2017-01-23
CVE-2016-9447
The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds read or write) and possibly execute arbitrary code via a crafted NSF music file.
CVSS Score
7.8
EPSS Score
0.005
Published
2017-01-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved