Home

CVE-2016-9446

Description

The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
1.283

Associated Vulnerability

VulnerabilityOS Platform
Vulnerability CVE-2016-9446 are affected in GStreamer 1.11.0Windows
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update clutter-gst2-2.0.18-1.el7.i686.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update clutter-gst2-2.0.18-1.el7.x86_64.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update clutter-gst2-devel-2.0.18-1.el7.i686.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update clutter-gst2-devel-2.0.18-1.el7.x86_64.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gnome-video-effects-0.4.3-1.el7.noarch.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer-plugins-bad-free-0.10.23-23.el7.i686.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer-plugins-bad-free-0.10.23-23.el7.x86_64.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer-plugins-bad-free-devel-0.10.23-23.el7.i686.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer-plugins-bad-free-devel-0.10.23-23.el7.x86_64.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer-plugins-bad-free-devel-docs-0.10.23-23.el7.x86_64.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer-plugins-good-0.10.31-13.el7.i686.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer-plugins-good-0.10.31-13.el7.x86_64.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer-plugins-good-devel-docs-0.10.31-13.el7.noarch.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer1-1.10.4-2.el7.i686.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer1-1.10.4-2.el7.x86_64.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer1-devel-1.10.4-2.el7.i686.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer1-devel-1.10.4-2.el7.x86_64.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer1-devel-docs-1.10.4-2.el7.noarch.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer1-plugins-bad-free-1.10.4-2.el7.i686.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer1-plugins-bad-free-1.10.4-2.el7.x86_64.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer1-plugins-bad-free-devel-1.10.4-2.el7.i686.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer1-plugins-bad-free-devel-1.10.4-2.el7.x86_64.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer1-plugins-bad-free-gtk-1.10.4-2.el7.i686.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer1-plugins-bad-free-gtk-1.10.4-2.el7.x86_64.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer1-plugins-base-1.10.4-1.el7.i686.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer1-plugins-base-1.10.4-1.el7.x86_64.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer1-plugins-base-devel-1.10.4-1.el7.i686.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer1-plugins-base-devel-1.10.4-1.el7.x86_64.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer1-plugins-base-devel-docs-1.10.4-1.el7.noarch.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer1-plugins-base-tools-1.10.4-1.el7.x86_64.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer1-plugins-good-1.10.4-2.el7.i686.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer1-plugins-good-1.10.4-2.el7.x86_64.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update orc-0.4.26-1.el7.i686.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update orc-0.4.26-1.el7.x86_64.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update orc-compiler-0.4.26-1.el7.x86_64.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update orc-devel-0.4.26-1.el7.i686.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update orc-devel-0.4.26-1.el7.x86_64.rpmLinux
(RHSA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update orc-doc-0.4.26-1.el7.noarch.rpmLinux
SUSE-SU-2016:3297-1(SUSE Linux Enterprise Desktop 12-SP1 ) gstreamer-plugins-bad-1.2.4-3.4.1.x86_64.rpmLinux
SUSE-SU-2016:3297-1(SUSE Linux Enterprise Desktop 12-SP1 ) gstreamer-plugins-bad-debuginfo-1.2.4-3.4.1.x86_64.rpmLinux
SUSE-SU-2016:3297-1(SUSE Linux Enterprise Desktop 12-SP1 ) gstreamer-plugins-bad-debugsource-1.2.4-3.4.1.x86_64.rpmLinux
SUSE-SU-2016:3297-1(SUSE Linux Enterprise Desktop 12-SP1 ) gstreamer-plugins-bad-lang-1.2.4-3.4.1.noarch.rpmLinux
SUSE-SU-2016:3297-1(SUSE Linux Enterprise Desktop 12-SP1 ) libgstbasecamerabinsrc-1_0-0-1.2.4-3.4.1.x86_64.rpmLinux
SUSE-SU-2016:3297-1(SUSE Linux Enterprise Desktop 12-SP1 ) libgstbasecamerabinsrc-1_0-0-debuginfo-1.2.4-3.4.1.x86_64.rpmLinux
SUSE-SU-2016:3297-1(SUSE Linux Enterprise Desktop 12-SP1 ) libgstcodecparsers-1_0-0-1.2.4-3.4.1.x86_64.rpmLinux
SUSE-SU-2016:3297-1(SUSE Linux Enterprise Desktop 12-SP1 ) libgstcodecparsers-1_0-0-debuginfo-1.2.4-3.4.1.x86_64.rpmLinux
SUSE-SU-2016:3297-1(SUSE Linux Enterprise Desktop 12-SP1 ) libgstegl-1_0-0-1.2.4-3.4.1.x86_64.rpmLinux
SUSE-SU-2016:3297-1(SUSE Linux Enterprise Desktop 12-SP1 ) libgstegl-1_0-0-debuginfo-1.2.4-3.4.1.x86_64.rpmLinux
SUSE-SU-2016:3297-1(SUSE Linux Enterprise Desktop 12-SP1 ) libgstmpegts-1_0-0-1.2.4-3.4.1.x86_64.rpmLinux
SUSE-SU-2016:3297-1(SUSE Linux Enterprise Desktop 12-SP1 ) libgstmpegts-1_0-0-debuginfo-1.2.4-3.4.1.x86_64.rpmLinux
SUSE-SU-2016:3297-1(SUSE Linux Enterprise Desktop 12-SP1 ) libgstphotography-1_0-0-1.2.4-3.4.1.x86_64.rpmLinux
SUSE-SU-2016:3297-1(SUSE Linux Enterprise Desktop 12-SP1 ) libgstphotography-1_0-0-debuginfo-1.2.4-3.4.1.x86_64.rpmLinux
(CESA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gnome-video-effects-0.4.3-1.el7.noarch.rpmLinux
(CESA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer-plugins-bad-free-devel-docs-0.10.23-23.el7.x86_64.rpmLinux
(CESA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer-plugins-good-devel-docs-0.10.31-13.el7.noarch.rpmLinux
(CESA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update gstreamer1-devel-docs-1.10.4-2.el7.noarch.rpmLinux
(CESA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update orc-compiler-0.4.26-1.el7.x86_64.rpmLinux
(CESA-2017:2060) Moderate: GStreamer security, bug fix, and enhancement update orc-doc-0.4.26-1.el7.noarch.rpmLinux
(RHSA-2017:2060)Moderate: security, bug fix, and enhancement update clutter-gst2-debuginfo-2.0.18-1.el7.i686.rpmLinux
(RHSA-2017:2060)Moderate: security, bug fix, and enhancement update clutter-gst2-debuginfo-2.0.18-1.el7.x86_64.rpmLinux
(RHSA-2017:2060)Moderate: security, bug fix, and enhancement update gstreamer-plugins-bad-free-debuginfo-0.10.23-23.el7.i686.rpmLinux
(RHSA-2017:2060)Moderate: security, bug fix, and enhancement update gstreamer-plugins-bad-free-debuginfo-0.10.23-23.el7.x86_64.rpmLinux
(RHSA-2017:2060)Moderate: security, bug fix, and enhancement update gstreamer-plugins-good-debuginfo-0.10.31-13.el7.i686.rpmLinux
(RHSA-2017:2060)Moderate: security, bug fix, and enhancement update gstreamer-plugins-good-debuginfo-0.10.31-13.el7.x86_64.rpmLinux
(RHSA-2017:2060)Moderate: security, bug fix, and enhancement update gstreamer1-debuginfo-1.10.4-2.el7.i686.rpmLinux
(RHSA-2017:2060)Moderate: security, bug fix, and enhancement update gstreamer1-debuginfo-1.10.4-2.el7.x86_64.rpmLinux
(RHSA-2017:2060)Moderate: security, bug fix, and enhancement update gstreamer1-plugins-bad-free-debuginfo-1.10.4-2.el7.i686.rpmLinux
(RHSA-2017:2060)Moderate: security, bug fix, and enhancement update gstreamer1-plugins-bad-free-debuginfo-1.10.4-2.el7.x86_64.rpmLinux
(RHSA-2017:2060)Moderate: security, bug fix, and enhancement update gstreamer1-plugins-base-debuginfo-1.10.4-1.el7.i686.rpmLinux
(RHSA-2017:2060)Moderate: security, bug fix, and enhancement update gstreamer1-plugins-base-debuginfo-1.10.4-1.el7.x86_64.rpmLinux
(RHSA-2017:2060)Moderate: security, bug fix, and enhancement update gstreamer1-plugins-good-debuginfo-1.10.4-2.el7.i686.rpmLinux
(RHSA-2017:2060)Moderate: security, bug fix, and enhancement update gstreamer1-plugins-good-debuginfo-1.10.4-2.el7.x86_64.rpmLinux
(RHSA-2017:2060)Moderate: security, bug fix, and enhancement update orc-debuginfo-0.4.26-1.el7.i686.rpmLinux
(RHSA-2017:2060)Moderate: security, bug fix, and enhancement update orc-debuginfo-0.4.26-1.el7.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234