CVE-2016-9446 log
Source |
|
Severity | Low |
Remote | Yes |
Type | Information disclosure |
Description | An information disclosure vulnerability has been discovered in the render canvas functionality of gst-plugins-bad due to the lack of initializing the returned heap area of g_malloc(). An example for the information leak would be thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas at all. This could be a problem for anyone using gstreamer in a server environment to provide a thumbnailing services. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-76 | gst-plugins-bad | 1.10.0-1 | 1.10.2-2 | High | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
02 Jan 2017 | ASA-201701-3 | AVG-76 | gst-plugins-bad | High | multiple issues |