Executive Summary
Summary | |
---|---|
Title | gstreamer-plugins security update |
Informations | |||
---|---|---|---|
Name | RHSA-2011:1264 | First vendor Publication | 2011-09-06 |
Vendor | RedHat | Last vendor Modification | 2011-09-06 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated gstreamer-plugins packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: The gstreamer-plugins packages contain plug-ins used by the GStreamer streaming-media framework to support a wide variety of media formats. An integer overflow flaw, a boundary error, and multiple off-by-one flaws were found in various ModPlug music file format library (libmodplug) modules, embedded in GStreamer. An attacker could create specially-crafted music files that, when played by a victim, would cause applications using GStreamer to crash or, potentially, execute arbitrary code. (CVE-2011-2911, CVE-2011-2912, CVE-2011-2913, CVE-2011-2914, CVE-2011-2915) All users of gstreamer-plugins are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, all applications using GStreamer (such as Rhythmbox) must be restarted for the changes to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 728371 - CVE-2011-2911 CVE-2011-2912 CVE-2011-2913 CVE-2011-2914 CVE-2011-2915 libmodplug: multiple vulnerabilities reported in <= 0.8.8.3 |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2011-1264.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
80 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
20 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:14952 | |||
Oval ID: | oval:org.mitre.oval:def:14952 | ||
Title: | USN-1255-1 -- libmodplug vulnerabilities | ||
Description: | libmodplug: Library for mod music based on ModPlug libmodplug could be made to crash or run programs as your login if it opened a specially crafted file. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1255-1 CVE-2011-2911 CVE-2011-2912 CVE-2011-2913 CVE-2011-2914 CVE-2011-2915 | Version: | 7 |
Platform(s): | Ubuntu 11.04 Ubuntu 11.10 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | libmodplug |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15146 | |||
Oval ID: | oval:org.mitre.oval:def:15146 | ||
Title: | DSA-2415-1 libmodplug -- several | ||
Description: | Several vulnerabilities that can lead to the execution of arbitrary code have been discovered in libmodplug, a library for mod music based on ModPlug. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2011-1761 epiphant discovered that the abc file parser is vulnerable to several stack-based buffer overflows that potentially lead to the execution of arbitrary code. CVE-2011-2911 Hossein Lotfi of Secunia discovered that the CSoundFile::ReadWav function is vulnerable to an integer overflow which leads to a heap-based buffer overflow. An attacker can exploit this flaw to potentially execute arbitrary code by tricking a victim into opening crafted WAV files. CVE-2011-2912 Hossein Lotfi of Secunia discovered that the CSoundFile::ReadS3M function is vulnerable to a stack-based buffer overflow. An attacker can exploit this flaw to potentially execute arbitrary code by tricking a victim into opening crafted S3M files. CVE-2011-2913 Hossein Lotfi of Secunia discovered that the CSoundFile::ReadAMS function suffers from an off-by-one vulnerability that leads to memory corruption. An attacker can exploit this flaw to potentially execute arbitrary code by tricking a victim into opening crafted AMS files. CVE-2011-2914 It was discovered that the CSoundFile::ReadDSM function suffers from an off-by-one vulnerability that leads to memory corruption. An attacker can exploit this flaw to potentially execute arbitrary code by tricking a victim into opening crafted DSM files. CVE-2011-2915 It was discovered that the CSoundFile::ReadAMS2 function suffers from an off-by-one vulnerability that leads to memory corruption. An attacker can exploit this flaw to potentially execute arbitrary code by tricking a victim into opening crafted AMS files. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2415-1 CVE-2011-1761 CVE-2011-2911 CVE-2011-2912 CVE-2011-2913 CVE-2011-2914 CVE-2011-2915 | Version: | 7 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | libmodplug |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-07-30 | Name : CentOS Update for gstreamer-plugins CESA-2011:1264 centos4 x86_64 File : nvt/gb_CESA-2011_1264_gstreamer-plugins_centos4_x86_64.nasl |
2012-04-30 | Name : Gentoo Security Advisory GLSA 201203-14 (audacious-plugins) File : nvt/glsa_201203_14.nasl |
2012-04-30 | Name : Gentoo Security Advisory GLSA 201203-16 (libmodplug) File : nvt/glsa_201203_16.nasl |
2012-03-19 | Name : Fedora Update for libmodplug FEDORA-2011-10452 File : nvt/gb_fedora_2011_10452_libmodplug_fc16.nasl |
2012-03-12 | Name : Debian Security Advisory DSA 2415-1 (libmodplug) File : nvt/deb_2415_1.nasl |
2011-11-11 | Name : Ubuntu Update for libmodplug USN-1255-1 File : nvt/gb_ubuntu_USN_1255_1.nasl |
2011-09-12 | Name : CentOS Update for gstreamer-plugins CESA-2011:1264 centos4 i386 File : nvt/gb_CESA-2011_1264_gstreamer-plugins_centos4_i386.nasl |
2011-09-12 | Name : RedHat Update for gstreamer-plugins RHSA-2011:1264-01 File : nvt/gb_RHSA-2011_1264-01_gstreamer-plugins.nasl |
2011-08-19 | Name : Fedora Update for libmodplug FEDORA-2011-10503 File : nvt/gb_fedora_2011_10503_libmodplug_fc14.nasl |
2011-08-19 | Name : Fedora Update for libmodplug FEDORA-2011-10544 File : nvt/gb_fedora_2011_10544_libmodplug_fc15.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
74211 | libmodplug src/load_dms.cpp CSoundFile::ReadDSM() Function DSM File Handling ... A memory corruption flaw exists in libmodplug. The CSoundFile::ReadDSM() function fails to sanitize user-supplied input when handling DSM files, resulting in memory corruption. With a specially crafted DSM file, a context-dependent attacker can execute arbitrary code. |
74210 | libmodplug src/load_ams.cpp Multiple Function AMS File Handling Off-by-one Me... A memory corruption flaw exists in libmodplug. The CSoundFile::ReadAMS() and CSoundFile::ReadAMS2() functions fails to sanitize user-supplied input when handling AMS files, resulting in memory corruption. With a specially crafted AMS file, a context-dependent attacker can execute arbitrary code. |
74209 | libmodplug src/load_s3m.cpp CSoundFile::ReadS3M() Function S3M File Handling ... libmodplug is prone to an overflow condition. The CSoundFile::ReadS3M() function fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted S3M file, a context-dependent attacker can potentially execute arbitrary code. |
74208 | libmodplug src/load_wav.cpp CSoundFile::ReadWav() Function WAV File Handling ... libmodplug is prone to an overflow condition. The CSoundFile::ReadWav() function fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted WAV file, a context-dependent attacker can potentially execute arbitrary code. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libmodplug-110816.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libmodplug-110816.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1264.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110906_gstreamer_plugins_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-03-19 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201203-14.nasl - Type : ACT_GATHER_INFO |
2012-03-19 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201203-16.nasl - Type : ACT_GATHER_INFO |
2012-02-22 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2415.nasl - Type : ACT_GATHER_INFO |
2011-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1255-1.nasl - Type : ACT_GATHER_INFO |
2011-09-19 | Name : The remote Fedora host is missing a security update. File : fedora_2011-12370.nasl - Type : ACT_GATHER_INFO |
2011-09-09 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1264.nasl - Type : ACT_GATHER_INFO |
2011-09-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1264.nasl - Type : ACT_GATHER_INFO |
2011-08-23 | Name : The remote Fedora host is missing a security update. File : fedora_2011-10452.nasl - Type : ACT_GATHER_INFO |
2011-08-17 | Name : The remote Fedora host is missing a security update. File : fedora_2011-10503.nasl - Type : ACT_GATHER_INFO |
2011-08-17 | Name : The remote Fedora host is missing a security update. File : fedora_2011-10544.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:55:05 |
|