CVE-2016-9811

Published: Jan 13, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

DSA-3819

vendor-advisory

x_refsource_DEBIAN

https://bugzilla.gnome.org/show_bug.cgi?id=774902

x_refsource_CONFIRM

https://gstreamer.freedesktop.org/releases/1.10/#1.10.2

x_refsource_CONFIRM

95161

vdb-entry

x_refsource_BID

RHSA-2017:2060

vendor-advisory

x_refsource_REDHAT

[oss-security] 20161204 Re: gstreamer multiple issues

mailing-list

x_refsource_MLIST

GLSA-201705-10

vendor-advisory

x_refsource_GENTOO

[oss-security] 20161201 gstreamer multiple issues

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20200228 [SECURITY] [DLA 2126-1] gst-plugins-base0.10 security update

mailing-list

x_refsource_MLIST

FEDORA-2021-ed54b1128a

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-9811

Description

Affected Products

References