MGASA-2017-0348
- Source
- https://advisories.mageia.org/MGASA-2017-0348.html
- Import Source
- https://advisories.mageia.org/MGASA-2017-0348.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2017-0348
- Related
- Published
- 2017-09-21T13:43:32Z
- Modified
- 2017-09-21T13:07:03Z
- Summary
- Updated gstreamer0.10-plugins-good and gstreamer1.0-plugins-good packages fix security vulnerabilities
- Details
-
A crafted AAC audio file could have caused an invalid read and thus corruption or denial of service (CVE-2016-10198).
A crafted mp4 file could have caused an invalid read and thus corruption or denial of service (CVE-2016-10199).
A crafted AVI file could have caused an invalid read and thus corruption or denial of service (CVE-2017-5840).
A crafted AVI file with metadata tag entries (ncdt) could have caused invalid read access and thus corruption or denial of service (CVE-2017-5841).
A crafted AVI file could have caused an invalid read access resulting in denial of service (CVE-2017-5845).
Note that GStreamer 0.10 was only affected by CVE-2016-10198 and CVE-2017-5840.
- References
- Credits
-
-
- Mageia - COORDINATOR
-