SUSE: CVE-2017-5838: SUSE Linux Security Advisory
5
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
02/09/2017
07/25/2018
03/01/2017
02/04/2022
Description
The gst_date_time_new_from_iso8601_string function in gst/gstdatetime.c in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a malformed datetime string.
Solution(s)
- suse-upgrade-gstreamer
- suse-upgrade-gstreamer-devel
- suse-upgrade-gstreamer-lang
- suse-upgrade-gstreamer-plugins-bad
- suse-upgrade-gstreamer-plugins-bad-chromaprint
- suse-upgrade-gstreamer-plugins-bad-devel
- suse-upgrade-gstreamer-plugins-bad-lang
- suse-upgrade-gstreamer-plugins-good
- suse-upgrade-gstreamer-plugins-good-lang
- suse-upgrade-gstreamer-plugins-ugly
- suse-upgrade-gstreamer-plugins-ugly-lang
- suse-upgrade-gstreamer-utils
- suse-upgrade-libgstadaptivedemux-1_0-0
- suse-upgrade-libgstbadallocators-1_0-0
- suse-upgrade-libgstbadaudio-1_0-0
- suse-upgrade-libgstbadbase-1_0-0
- suse-upgrade-libgstbadvideo-1_0-0
- suse-upgrade-libgstbasecamerabinsrc-1_0-0
- suse-upgrade-libgstcodecparsers-1_0-0
- suse-upgrade-libgstgl-1_0-0
- suse-upgrade-libgstinsertbin-1_0-0
- suse-upgrade-libgstisoff-1_0-0
- suse-upgrade-libgstmpegts-1_0-0
- suse-upgrade-libgstphotography-1_0-0
- suse-upgrade-libgstplayer-1_0-0
- suse-upgrade-libgstreamer-1_0-0
- suse-upgrade-libgstreamer-1_0-0-32bit
- suse-upgrade-libgstsctp-1_0-0
- suse-upgrade-libgsturidownloader-1_0-0
- suse-upgrade-libgstwayland-1_0-0
- suse-upgrade-libgstwebrtc-1_0-0
- suse-upgrade-typelib-1_0-gst-1_0
- suse-upgrade-typelib-1_0-gstbadallocators-1_0
- suse-upgrade-typelib-1_0-gstgl-1_0
- suse-upgrade-typelib-1_0-gstinsertbin-1_0
- suse-upgrade-typelib-1_0-gstmpegts-1_0
- suse-upgrade-typelib-1_0-gstplayer-1_0
- suse-upgrade-typelib-1_0-gstwebrtc-1_0
Advanced vulnerability management analytics and reporting.
Key Features
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center