 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.2.2017.1065 |
| Kategorie: | Huawei EulerOS Local Security Checks |
| Titel: | Huawei EulerOS: Security Advisory for gstreamer1-plugins-good (EulerOS-SA-2017-1065) |
| Zusammenfassung: | The remote host is missing an update for the Huawei EulerOS 'gstreamer1-plugins-good' package(s) announced via the EulerOS-SA-2017-1065 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the Huawei EulerOS 'gstreamer1-plugins-good' package(s) announced via the EulerOS-SA-2017-1065 advisory. Vulnerability Insight: Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond the initialized buffer.(CVE-2016-9636) Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond initialized buffer.(CVE-2016-9635) Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via the start_line parameter.(CVE-2016-9634) The FLIC decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via a crafted series of skip and count pairs.(CVE-2016-9808) The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted FLIC file.(CVE-2016-9807) Affected Software/OS: 'gstreamer1-plugins-good' package(s) on Huawei EulerOS V2.0SP2. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-9634 BugTraq ID: 94499 http://www.securityfocus.com/bid/94499 Debian Security Information: DSA-3723 (Google Search) http://www.debian.org/security/2016/dsa-3723 Debian Security Information: DSA-3724 (Google Search) http://www.debian.org/security/2016/dsa-3724 https://security.gentoo.org/glsa/201705-10 https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html http://www.openwall.com/lists/oss-security/2016/11/24/2 RedHat Security Advisories: RHSA-2016:2975 http://rhn.redhat.com/errata/RHSA-2016-2975.html RedHat Security Advisories: RHSA-2017:0019 http://rhn.redhat.com/errata/RHSA-2017-0019.html RedHat Security Advisories: RHSA-2017:0020 http://rhn.redhat.com/errata/RHSA-2017-0020.html Common Vulnerability Exposure (CVE) ID: CVE-2016-9635 Common Vulnerability Exposure (CVE) ID: CVE-2016-9636 Common Vulnerability Exposure (CVE) ID: CVE-2016-9807 BugTraq ID: 95148 http://www.securityfocus.com/bid/95148 http://www.openwall.com/lists/oss-security/2016/12/01/2 http://www.openwall.com/lists/oss-security/2016/12/05/8 Common Vulnerability Exposure (CVE) ID: CVE-2016-9808 BugTraq ID: 95446 http://www.securityfocus.com/bid/95446 https://scarybeastsecurity.blogspot.com/2016/11/0day-poc-incorrect-fix-for-gstreamer.html |
| Copyright | Copyright (C) 2020 Greenbone Networks GmbH |
| Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |