mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 01:31:20 +00:00
309 lines
12 KiB
JSON
309 lines
12 KiB
JSON
{
|
|
"id": "CVE-2016-9447",
|
|
"sourceIdentifier": "security@opentext.com",
|
|
"published": "2017-01-23T21:59:03.127",
|
|
"lastModified": "2023-11-07T02:37:03.157",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds read or write) and possibly execute arbitrary code via a crafted NSF music file."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Los mapeos ROM en el decodificador NSF en gstreamer 0.10.x permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (lectura o escritura fuera de l\u00edmites) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo de m\u00fasica NSF manipulado."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV30": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.0",
|
|
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
|
"attackVector": "LOCAL",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "REQUIRED",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.8,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 1.8,
|
|
"impactScore": 5.9
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 6.8
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-125"
|
|
},
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-787"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2E74CD7B-4B0A-4B45-88DE-94810A22C676"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "67D2049C-B29F-49F8-8A6F-73CEB9BE392E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5B562DD4-0A74-4094-AAAE-A0979EF3DAF2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "440DCD70-8731-4970-BEA4-A13B143021C7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4869856B-DF8E-47DA-A1BE-8DC274A505F2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "89614F1F-5F1C-452C-8E1A-CB27955BBABD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AE098B70-4D3F-4C37-909C-2894C204E9C8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B0DFA23A-8B3C-4623-8E5B-61FC180C54F9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6BBDBA5A-5BEB-4980-9BF3-8051751BDABB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B02A4F3C-3C64-46BC-B5A6-2C28B37B518B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "382ED380-3984-4321-A4D1-C9EA5AE8DE4B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.11:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "176D351B-0C85-4F79-B0AE-B3685E7CFDAD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.12:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F95F7733-C237-4FD7-ACB9-AEB321F2267E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.13:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1BB6D744-DF2E-4E82-81C3-63AAC3432EC6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.14:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6C145CB0-8B0D-4158-9E1E-A1DF4E81EF4D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.15:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E1EE3F25-D87C-4A99-A740-F6EB8A2F077D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.16:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E8DC2241-6AF0-4A15-AB8E-C91C0E5225DA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.17:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C7DF7793-859D-4ABA-8C2E-0D39E680F666"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.18:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "09733F7D-604B-495F-B046-331CEFCCA219"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.19:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "86C6EAC1-9329-408E-AE7C-2A5F9F4DF170"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.20:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E83925C8-0A7B-4BD7-8B61-7393298EA3C1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.21:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "055E1118-FA05-4CE4-B5D4-5609C4F00F63"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.22:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "92BAA14A-990B-41BB-95AC-0BD2260A3F01"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.23:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8131E152-6397-413D-9887-A16645CB615E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.24:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F744AB7B-736C-4F7B-9723-D691B2B3264B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.25:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "72184894-2F14-44A1-99E3-370D93DE7FD6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.26:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "00F4F2AB-D30C-401D-93FD-8AEE48331EEB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.27:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FE867325-C029-4A19-966C-7721A05DF41B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.28:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D4082ACC-C3E9-4E5E-B832-0B3381984657"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.29:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7DAB9637-68EF-4464-B11E-F00D9D200B59"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.30:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C34174F1-C2F3-48A5-A9C8-7B16B2264F27"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.31:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "639F6F42-07C6-4ED4-A0F0-DEFB0355BFFA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.32:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CBCF2035-A361-4D63-B26A-4DA96FF2B888"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.33:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F130C013-E572-468F-BFD0-46FDDD7D8AD8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.34:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1BCE7F50-D281-4099-9D61-63C44C17843F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.35:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EBC89C66-CDC8-4AD1-BEEB-9806DBEAD2BC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:gstreamer_project:gstreamer:0.10.36:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "642DA4C9-A755-4768-9D89-606E606F643E"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://rhn.redhat.com/errata/RHSA-2016-2974.html",
|
|
"source": "security@opentext.com"
|
|
},
|
|
{
|
|
"url": "http://rhn.redhat.com/errata/RHSA-2017-0018.html",
|
|
"source": "security@opentext.com"
|
|
},
|
|
{
|
|
"url": "http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html",
|
|
"source": "security@opentext.com"
|
|
},
|
|
{
|
|
"url": "http://www.openwall.com/lists/oss-security/2016/11/18/12",
|
|
"source": "security@opentext.com"
|
|
},
|
|
{
|
|
"url": "http://www.openwall.com/lists/oss-security/2016/11/18/13",
|
|
"source": "security@opentext.com"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/94427",
|
|
"source": "security@opentext.com"
|
|
},
|
|
{
|
|
"url": "https://security.gentoo.org/glsa/201705-10",
|
|
"source": "security@opentext.com"
|
|
}
|
|
]
|
|
} |