Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.882627 |
Category: | CentOS Local Security Checks |
Title: | CentOS Update for gstreamer1-plugins-bad-free CESA-2017:0021 centos7 |
Summary: | Check the version of gstreamer1-plugins-bad-free |
Description: | Summary: Check the version of gstreamer1-plugins-bad-free Vulnerability Insight: GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es): * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) * Multiple flaws were discovered in GStreamer's H.264 and MPEG-TS plug-ins. A remote attacker could use these flaws to cause an application using GStreamer to crash. (CVE-2016-9809, CVE-2016-9812, CVE-2016-9813) Affected Software/OS: gstreamer1-plugins-bad-free on CentOS 7 Solution: Please Install the Updated Packages. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-9445 BugTraq ID: 94421 http://www.securityfocus.com/bid/94421 https://security.gentoo.org/glsa/201705-10 https://scarybeastsecurity.blogspot.de/2016/11/0day-poc-risky-design-decisions-in.html http://www.openwall.com/lists/oss-security/2016/11/18/12 http://www.openwall.com/lists/oss-security/2016/11/18/13 RedHat Security Advisories: RHSA-2016:2974 http://rhn.redhat.com/errata/RHSA-2016-2974.html RedHat Security Advisories: RHSA-2017:0018 http://rhn.redhat.com/errata/RHSA-2017-0018.html RedHat Security Advisories: RHSA-2017:0021 http://rhn.redhat.com/errata/RHSA-2017-0021.html Common Vulnerability Exposure (CVE) ID: CVE-2016-9809 BugTraq ID: 95147 http://www.securityfocus.com/bid/95147 Debian Security Information: DSA-3818 (Google Search) http://www.debian.org/security/2017/dsa-3818 https://lists.debian.org/debian-lts-announce/2020/03/msg00038.html http://www.openwall.com/lists/oss-security/2016/12/01/2 http://www.openwall.com/lists/oss-security/2016/12/05/8 Common Vulnerability Exposure (CVE) ID: CVE-2016-9812 BugTraq ID: 95160 http://www.securityfocus.com/bid/95160 Common Vulnerability Exposure (CVE) ID: CVE-2016-9813 BugTraq ID: 95158 http://www.securityfocus.com/bid/95158 https://www.exploit-db.com/exploits/42162/ |
Copyright | Copyright (C) 2017 Greenbone Networks GmbH |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |