cpe:2.3:a:gstreamer_project:gstreamer:0.10.14:*:*:*:*:*:*:*
GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution.
Max CVSS
8.8
EPSS Score
2.24%
Published
2019-04-24
Updated
2020-08-24
The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds read or write) and possibly execute arbitrary code via a crafted NSF music file.
Max CVSS
7.8
EPSS Score
1.56%
Published
2017-01-23
Updated
2018-01-05
GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file.
Max CVSS
6.8
EPSS Score
2.38%
Published
2015-05-14
Updated
2020-09-28
Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) before 0.10.23 in GStreamer allows context-dependent attackers to execute arbitrary code via a crafted COVERART tag that is converted from a base64 representation, which triggers a heap-based buffer overflow.
Max CVSS
7.5
EPSS Score
1.11%
Published
2009-03-14
Updated
2023-02-13
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!