cpe:2.3:a:gstreamer_project:gstreamer:0.10.14:*:*:*:*:*:*:*
The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing.
Max CVSS
7.5
EPSS Score
2.93%
Published
2017-02-09
Updated
2020-11-20
The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors.
Max CVSS
7.5
EPSS Score
2.82%
Published
2017-02-09
Updated
2020-11-20
The gst_asf_demux_process_ext_stream_props function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors related to the number of languages in a video file.
Max CVSS
5.5
EPSS Score
1.15%
Published
2017-02-09
Updated
2020-05-30
The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a ncdt sub-tag that "goes behind" the surrounding tag.
Max CVSS
7.5
EPSS Score
1.33%
Published
2017-02-09
Updated
2018-01-05
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file.
Max CVSS
5.5
EPSS Score
1.37%
Published
2017-02-09
Updated
2019-10-03
Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service (crash) via vectors involving stream tags, as demonstrated by 02785736.mxf.
Max CVSS
7.5
EPSS Score
1.90%
Published
2017-02-09
Updated
2018-01-05
The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted SMI file, as demonstrated by OneNote_Manager.smi.
Max CVSS
5.5
EPSS Score
1.03%
Published
2017-02-09
Updated
2018-01-05
The gst_avi_demux_parse_ncdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving ncdt tags.
Max CVSS
7.5
EPSS Score
1.33%
Published
2017-02-09
Updated
2018-01-05
The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving the current stts index.
Max CVSS
7.5
EPSS Score
1.33%
Published
2017-02-09
Updated
2020-05-30
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stack overflow and crash) via vectors involving nested WAVEFORMATEX.
Max CVSS
7.5
EPSS Score
3.33%
Published
2017-02-09
Updated
2019-10-03
The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string.
Max CVSS
7.5
EPSS Score
1.33%
Published
2017-02-09
Updated
2018-01-05
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted video file.
Max CVSS
5.5
EPSS Score
1.37%
Published
2017-02-09
Updated
2019-10-03
The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted tag value.
Max CVSS
7.5
EPSS Score
1.33%
Published
2017-02-09
Updated
2018-01-05
The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted audio file.
Max CVSS
5.5
EPSS Score
1.08%
Published
2017-02-09
Updated
2020-05-30
The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds read or write) and possibly execute arbitrary code via a crafted NSF music file.
Max CVSS
7.8
EPSS Score
1.56%
Published
2017-01-23
Updated
2018-01-05
The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas.
Max CVSS
7.5
EPSS Score
0.60%
Published
2017-01-23
Updated
2021-11-30
16 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!