CVE-2017-5843
09.02.2017, 15:59
Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service (crash) via vectors involving stream tags, as demonstrated by 02785736.mxf.Enginsight
Vendor | Product | Version |
---|---|---|
gstreamer_project | gstreamer | 𝑥 ≤ 1.10.2 |
𝑥
= Vulnerable software versions

Debian Releases

Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
gst-plugins-bad0.10 |
| ||||||||||||||||||||||||||||||||||||||
gst-plugins-bad1.0 |
|
Common Weakness Enumeration
References