 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.882626 |
| Kategorie: | CentOS Local Security Checks |
| Titel: | CentOS Update for gstreamer-plugins-bad-free CESA-2017:0018 centos7 |
| Zusammenfassung: | Check the version of gstreamer-plugins-bad-free |
| Beschreibung: | Summary: Check the version of gstreamer-plugins-bad-free Vulnerability Insight: GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es): * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) * A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) * An out-of-bounds heap read flaw was found in GStreamer's H.264 parser. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9809) Note: This update removes the vulnerable Nintendo NSF plug-in. Affected Software/OS: gstreamer-plugins-bad-free on CentOS 7 Solution: Please Install the Updated Packages. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-9445 BugTraq ID: 94421 http://www.securityfocus.com/bid/94421 https://security.gentoo.org/glsa/201705-10 https://scarybeastsecurity.blogspot.de/2016/11/0day-poc-risky-design-decisions-in.html http://www.openwall.com/lists/oss-security/2016/11/18/12 http://www.openwall.com/lists/oss-security/2016/11/18/13 RedHat Security Advisories: RHSA-2016:2974 http://rhn.redhat.com/errata/RHSA-2016-2974.html RedHat Security Advisories: RHSA-2017:0018 http://rhn.redhat.com/errata/RHSA-2017-0018.html RedHat Security Advisories: RHSA-2017:0021 http://rhn.redhat.com/errata/RHSA-2017-0021.html Common Vulnerability Exposure (CVE) ID: CVE-2016-9447 BugTraq ID: 94427 http://www.securityfocus.com/bid/94427 http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html Common Vulnerability Exposure (CVE) ID: CVE-2016-9809 BugTraq ID: 95147 http://www.securityfocus.com/bid/95147 Debian Security Information: DSA-3818 (Google Search) http://www.debian.org/security/2017/dsa-3818 https://lists.debian.org/debian-lts-announce/2020/03/msg00038.html http://www.openwall.com/lists/oss-security/2016/12/01/2 http://www.openwall.com/lists/oss-security/2016/12/05/8 |
| Copyright | Copyright (C) 2017 Greenbone AG |
| Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |