CVE-2016-9447 log
Source |
|
Severity | High |
Remote | Yes |
Type | Arbitrary code execution |
Description | A heap out-of-bound read/write vulnerability has been discovered in the libgstnsf.so nintendo music files plugin of gst-plugins-bad due to lack of checking the ROM size when mapping into memory. Switching the bank leads to an out-of-bounds read leading to possible arbitrary code execution when combined with the ability to load or bank switch the ROM to a writable memory location. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-125 | gstreamer0.10-bad-plugins | 0.10.23-20 | High | Unknown | FS#52335 |
References |
---|
http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html |