Your submission was sent successfully! Close

CVE-2016-9807

Published: 13 January 2017

The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted FLIC file.

Priority

Medium

CVSS 3 base score: 5.5

Status

Package Release Status
gst-plugins-good0.10
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was released [0.10.31-1ubuntu1.4])
trusty Does not exist
(trusty was released [0.10.31-3+nmu1ubuntu5.2])
upstream Needs triage

xenial
Released (0.10.31-3+nmu4ubuntu2.16.04.2)
yakkety Does not exist

zesty Does not exist

gst-plugins-good1.0
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was released [1.2.4-1~ubuntu1.3])
upstream
Released (1.10.1-2)
xenial
Released (1.8.2-1ubuntu0.3)
yakkety
Released (1.8.3-1ubuntu1.2)
zesty
Released (1.10.2-1ubuntu1)