vulnerability
SUSE: CVE-2016-9446: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | Dec 29, 2016 | Dec 29, 2016 | Aug 21, 2021 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Dec 29, 2016
Added
Dec 29, 2016
Modified
Aug 21, 2021
Description
The vmnc decoder in the gstreamer does not initialize the render canvas, which allows remote attackers to obtain sensitive information as demonstrated by thumbnailing a simple 1 frame vmnc movie that does not draw to the allocated render canvas.
Solutions
suse-upgrade-gstreamer-0_10-plugins-badsuse-upgrade-gstreamer-0_10-plugins-bad-develsuse-upgrade-gstreamer-0_10-plugins-bad-langsuse-upgrade-gstreamer-plugins-badsuse-upgrade-gstreamer-plugins-bad-develsuse-upgrade-gstreamer-plugins-bad-langsuse-upgrade-libgstadaptivedemux-1_0-0suse-upgrade-libgstbadaudio-1_0-0suse-upgrade-libgstbadbase-1_0-0suse-upgrade-libgstbadvideo-1_0-0suse-upgrade-libgstbasecamerabinsrc-0_10-23suse-upgrade-libgstbasecamerabinsrc-0_10-23-32bitsuse-upgrade-libgstbasecamerabinsrc-1_0-0suse-upgrade-libgstbasevideo-0_10-23suse-upgrade-libgstbasevideo-0_10-23-32bitsuse-upgrade-libgstcodecparsers-0_10-23suse-upgrade-libgstcodecparsers-1_0-0suse-upgrade-libgstegl-1_0-0suse-upgrade-libgstgl-1_0-0suse-upgrade-libgstinsertbin-1_0-0suse-upgrade-libgstmpegts-1_0-0suse-upgrade-libgstphotography-0_10-23suse-upgrade-libgstphotography-0_10-23-32bitsuse-upgrade-libgstphotography-1_0-0suse-upgrade-libgstsignalprocessor-0_10-23suse-upgrade-libgstsignalprocessor-0_10-23-32bitsuse-upgrade-libgsturidownloader-1_0-0suse-upgrade-libgstvdp-0_10-23suse-upgrade-libgstvdp-0_10-23-32bit
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.