CVE

Id
87708  
CVE No.
CVE-2016-10198  
Status
Candidate  
Description
The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted audio file.  
Phase
Assigned (20170201)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
764895 87708 CVE-2016-10198 MLIST:[oss-security] 20170201 Multiple memory access issues in gstreamer  View
764896 87708 CVE-2016-10198 URL:http://www.openwall.com/lists/oss-security/2017/02/01/7  View
764897 87708 CVE-2016-10198 MLIST:[oss-security] 20170202 Re: Multiple memory access issues in gstreamer  View
764898 87708 CVE-2016-10198 URL:http://www.openwall.com/lists/oss-security/2017/02/02/9  View
764899 87708 CVE-2016-10198 CONFIRM:https://bugzilla.gnome.org/show_bug.cgi?id=775450  View
764900 87708 CVE-2016-10198 CONFIRM:https://gstreamer.freedesktop.org/releases/1.10/#1.10.3  View
764901 87708 CVE-2016-10198 BID:96001  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
52 JVNDB-2016-000054 Electron における Node モジュール読み込みに関する問題 Electron には、Node モジュール読み込みのパスを適切に制限していない問題が存在します。その結果、任意の JavaScript を実行される可能性があります。 CVE-2016-1202 87708 6.8 5.3 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000054.html  View