Note:
This project will be discontinued after December 13, 2021. [more]
2017-01-23
The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds read or write) and possibly execute arbitrary code via a crafted NSF music file.
Products | Gstreamer |
Type | Out-of-bounds Read (CWE-125) Out-of-bounds Write (CWE-787) |
First patch | - None (likely due to unavailable code) |
Links |
• http://www.openwall.com/lists/oss-security/2016/11/18/12
• http://rhn.redhat.com/errata/RHSA-2017-0018.html • http://www.securityfocus.com/bid/94427 • http://www.openwall.com/lists/oss-security/2016/11/18/13 • http://rhn.redhat.com/errata/RHSA-2016-2974.html |