Your submission was sent successfully! Close

CVE-2016-9636

Published: 27 January 2017

Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond the initialized buffer.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
gst-plugins-good0.10
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was released [0.10.31-1ubuntu1.3])
trusty Does not exist
(trusty was released [0.10.31-3+nmu1ubuntu5.1])
upstream Needs triage

xenial
Released (0.10.31-3+nmu4ubuntu2.16.04.1)
yakkety Does not exist

zesty Does not exist

gst-plugins-good1.0
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was released [1.2.4-1~ubuntu1.1])
upstream
Released (1.10.2)
xenial
Released (1.8.2-1ubuntu0.2)
yakkety
Released (1.8.3-1ubuntu1.1)
zesty
Released (1.10.2-1ubuntu1)