CVE-2016-9447

The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds read or write) and possibly execute arbitrary code via a crafted NSF music file.

References

Affected packages

Git / github.com/gstreamer/gstreamer

Affected ranges

Type: GIT
Repo: https://github.com/gstreamer/gstreamer
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

04c392fa7d86f348ae9edaabf4c95b8deb64288e

Last affected

0601746ccd26a6a93433ef39c8ef1b89cf658f9f

Last affected

0d0b85cb15e02321d440a041854ad33048a07dc4

Last affected

1d2056adc637a14c1060a282abf111c1452e7f9c

Last affected

1f8e0a3b9b942cc15e26c2608d26b59191d35087

Last affected

2383bf6dedb7912df06a8c4f03aa9f241a7aff6f

Last affected

355a8d2132d307b27cfdc85d38bd07930960c59c

Last affected

3e811faefc7117320695cbf4c0d8b34a448cb10c

Last affected

418885d898d6b540cc7b89729013b7b6b46fe2ea

Last affected

43505244cbcb7fc57f5667cc5276f0d2f296f731

Last affected

4d9db9e2cff925de0a37754eee8c93da9252ced8

Last affected

519f35059938263fbeaf02f9f13acbbd633d46d6

Last affected

52cef107b14f4271a6ac983daf507c0b4ce00dcc

Last affected

5ec236326cd7ca960f277ae082da0cfb1a34926f

Last affected

673d519898d18c513c3b5eeecd91f5d3091ddf79

Last affected

6de8ad8d667c39d7d4a376b292f0f57a0bfa7e60

Last affected

725bc2f11aadf3e0a1740c4fa75b486c5e1f9907

Last affected

855093570f8a53205b66eb9fa698d571d224948d

Last affected

8a57d6af1f9bf52fb69909e370c8180c2b2d8e6c

Last affected

94b4bf7f41860e782a9e4a6306712674cb0de8e2

Last affected

95797040eb860ebb8f33b8d92e93f20b60e5215f

Last affected

9645acef9fc342e175c0d4dfd8e3981e47ea38bf

Last affected

9faeeb8e45801e6b01d938a6001fff16f03d59b2

Last affected

a2d88f90dc58725d61d0c10276ce60739fac7867

Last affected

a4e1b18b65552ee348e578efe12fe2ec38880e12

Last affected

a61610c96861dd11840add94b38e750cf5cf39b7

Last affected

aa0daff56167676c2419126ff27a1fb3d97976dd

Last affected

ae4c19ee50c4748e48e2ce7b139592a7b712b03d

Last affected

b26897dd84ac9b09e7d262989a75984aab0bdc91

Last affected

ba5f9d28436e8022ac316cedbfff5efd3993d9a2

Last affected

c2e0ec6d0bef44827476d96ee9e5ae92dec8be46

Last affected

cdabb85f5d742c06856ec9980fb5a0b6dcb8e25b

Last affected

dc1ae0ffbb1d5f86df2ebda76c07465371ebac60

Last affected

e0f0bce8d625d2d684be5840b36107506b6a70f1

Last affected

eb20ecac9b5d5260f3ac0aeaea80041c2f52655b

Last affected

ed7bb93c2ff6c35229687604f6d6ae8c1ff3c4f2

Last affected

ffc3cece6ce5e7fb069b7d1eb135039e6ac6052f

Affected versions

gst-plugins-base-0.*

gst-plugins-base-0.10.0

gst-plugins-base-0.10.1

gst-plugins-base-0.10.10

gst-plugins-base-0.10.11

gst-plugins-base-0.10.12

gst-plugins-base-0.10.13

gst-plugins-base-0.10.14

gst-plugins-base-0.10.15

gst-plugins-base-0.10.16

gst-plugins-base-0.10.17

gst-plugins-base-0.10.18

gst-plugins-base-0.10.2

gst-plugins-base-0.10.20

gst-plugins-base-0.10.21

gst-plugins-base-0.10.22

gst-plugins-base-0.10.23

gst-plugins-base-0.10.24

gst-plugins-base-0.10.25

gst-plugins-base-0.10.26

gst-plugins-base-0.10.27

gst-plugins-base-0.10.28

gst-plugins-base-0.10.29

gst-plugins-base-0.10.3

gst-plugins-base-0.10.30

gst-plugins-base-0.10.31

gst-plugins-base-0.10.32

gst-plugins-base-0.10.33

gst-plugins-base-0.10.34

gst-plugins-base-0.10.35

gst-plugins-base-0.10.4

gst-plugins-base-0.10.5

gst-plugins-base-0.10.6

gst-plugins-base-0.10.7

gst-plugins-base-0.10.8

gst-plugins-base-0.10.9

gst-plugins-base-0.9.1

gst-plugins-base-0.9.2

gst-plugins-base-0.9.3

gst-plugins-base-0.9.4

gst-plugins-base-0.9.5

gst-plugins-base-0.9.6

gst-plugins-base-0.9.7

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9447.json"