Use-after-free vulnerabilities in GStreamer functions allow remote attackers to cause denial of service

Use-after-free vulnerabilities in GStreamer functions allow remote attackers to cause denial of service

CVE-2017-5843 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer before 1.10.3 allow remote attackers to cause a denial of service (crash) via vectors involving stream tags, as demonstrated by 02785736.mxf.

Learn more about our Web Application Penetration Testing UK.