CVE-2016-9447
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2016-9447
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9447.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2016-9447
- Related
- Published
- 2017-01-23T21:59:03Z
- Modified
- 2024-09-03T01:36:35.605893Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds read or write) and possibly execute arbitrary code via a crafted NSF music file.
- References
-
- http://rhn.redhat.com/errata/RHSA-2016-2974.html
- http://rhn.redhat.com/errata/RHSA-2017-0018.html
- https://security.gentoo.org/glsa/201705-10
- http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html
- http://www.openwall.com/lists/oss-security/2016/11/18/12
- http://www.openwall.com/lists/oss-security/2016/11/18/13
- http://www.securityfocus.com/bid/94427
Affected packages
Git / github.com/gstreamer/gstreamer
Affected ranges
- Type
- GIT
- Repo
- https://github.com/gstreamer/gstreamer
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected
Affected versions
gst-plugins-base-0.*
gst-plugins-base-0.10.0
gst-plugins-base-0.10.1
gst-plugins-base-0.10.10
gst-plugins-base-0.10.11
gst-plugins-base-0.10.12
gst-plugins-base-0.10.13
gst-plugins-base-0.10.14
gst-plugins-base-0.10.15
gst-plugins-base-0.10.16
gst-plugins-base-0.10.17
gst-plugins-base-0.10.18
gst-plugins-base-0.10.2
gst-plugins-base-0.10.20
gst-plugins-base-0.10.21
gst-plugins-base-0.10.22
gst-plugins-base-0.10.23
gst-plugins-base-0.10.24
gst-plugins-base-0.10.25
gst-plugins-base-0.10.26
gst-plugins-base-0.10.27
gst-plugins-base-0.10.28
gst-plugins-base-0.10.29
gst-plugins-base-0.10.3
gst-plugins-base-0.10.30
gst-plugins-base-0.10.31
gst-plugins-base-0.10.32
gst-plugins-base-0.10.33
gst-plugins-base-0.10.34
gst-plugins-base-0.10.35
gst-plugins-base-0.10.4
gst-plugins-base-0.10.5
gst-plugins-base-0.10.6
gst-plugins-base-0.10.7
gst-plugins-base-0.10.8
gst-plugins-base-0.10.9
gst-plugins-base-0.9.1
gst-plugins-base-0.9.2
gst-plugins-base-0.9.3
gst-plugins-base-0.9.4
gst-plugins-base-0.9.5
gst-plugins-base-0.9.6
gst-plugins-base-0.9.7