CVE-2017-5847

Published: Feb 9, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

The gst_asf_demux_process_ext_content_desc function in gst/asfdemux/gstasfdemux.c in gst-plugins-ugly in GStreamer allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving extended content descriptors.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/GStreamer/gst-plugins-ugly/commit/d21017b52a585f145e8d62781bcc1c5fefc7ee37

x_refsource_CONFIRM

https://bugzilla.gnome.org/show_bug.cgi?id=777955#c3

x_refsource_CONFIRM

96001

vdb-entry

x_refsource_BID

DSA-3821

vendor-advisory

x_refsource_DEBIAN

[oss-security] 20170202 Re: Multiple memory access issues in gstreamer

mailing-list

x_refsource_MLIST

GLSA-201705-10

vendor-advisory

x_refsource_GENTOO

[oss-security] 20170201 Multiple memory access issues in gstreamer

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20200530 [SECURITY] [DLA 2226-1] gst-plugins-ugly0.10 security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-5847

Description

Affected Products

References