CVE-2016-10199
HIGH
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted tag value.
Analysis
A memory safety vulnerability in GStreamer's MP4/QuickTime demuxer allows remote attackers to trigger an out-of-bounds read when processing malformed tag values in media files. The vulnerability affects GStreamer versions before 1.10.3 and can cause application crashes when parsing specially crafted MP4/MOV files. With an EPSS score of 3.13% (87th percentile), this vulnerability has moderate exploitation likelihood in the wild.
Technical Context
The vulnerability exists in the qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c, part of the gst-plugins-good package of the GStreamer multimedia framework (CPE: cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:*). This function handles metadata tag parsing in ISO MP4/QuickTime format files. The root cause is a CWE-125 (Out-of-bounds Read) condition: the code fails to properly validate tag value boundaries before reading memory, leading to potential information disclosure through memory contents beyond the intended buffer.
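A bounds-checked reader for a length-prefixed tag value shows the kind of validation whose absence produces a CWE-125 read. This is an added example, not code from qtdemux.c or from the GStreamer fix; the node layout (4-byte big-endian size, 4-byte type, string payload), the name `tag_copy_str` and the sample bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TAG_HDR 8u /* assumed layout: 4-byte big-endian size + 4-byte type */

static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Copy the string payload of one tag node into out, NUL-terminated.
 * buf/avail describe the bytes actually present in the input buffer.
 * Returns the payload length, or -1 if the node is malformed. */
int tag_copy_str(const uint8_t *buf, size_t avail, char *out, size_t out_cap)
{
    if (buf == NULL || out == NULL || out_cap == 0 || avail < TAG_HDR)
        return -1;                 /* header itself is not fully present */

    uint32_t declared = be32(buf); /* size field comes from the file: untrusted */
    if (declared < TAG_HDR)
        return -1;                 /* payload length would underflow */
    if (declared > avail)
        return -1;                 /* claims more bytes than exist: the CWE-125 case */

    size_t len = declared - TAG_HDR;
    if (len >= out_cap)
        return -1;                 /* no room for the terminator */

    memcpy(out, buf + TAG_HDR, len);
    out[len] = '\0';
    return (int)len;
}

/* Constructed sample nodes, not taken from any real file. */
static const uint8_t ok_node[]   = {0,0,0,13, 'n','a','m','e', 'h','e','l','l','o'};
static const uint8_t big_node[]  = {0,0,1,0,  'n','a','m','e', 'h','i'};
static const uint8_t tiny_node[] = {0,0,0,4,  'n','a','m','e'};

int main(void)
{
    char out[64];
    printf("ok=%d big=%d tiny=%d\n",
           tag_copy_str(ok_node, sizeof ok_node, out, sizeof out),
           tag_copy_str(big_node, sizeof big_node, out, sizeof out),
           tag_copy_str(tiny_node, sizeof tiny_node, out, sizeof out));
    return 0;
}
```

A parser that skipped the `declared > avail` check and copied `declared - TAG_HDR` bytes would read past the end of `big_node`, which is the crash condition the advisory describes in general terms.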
Affected Products
GStreamer multimedia framework versions prior to 1.10.3 are affected, specifically the gst-plugins-good component (CPE: cpe:2.3:a:gstreamer:gstreamer:*:*:*:*:*:*:*:*). Multiple Linux distributions have issued security advisories including Debian (DSA-3820), Red Hat (RHSA-2017:2060), and Gentoo (GLSA 201705-10). The vulnerability was originally reported in GNOME Bugzilla bug 775451 and affects any application using GStreamer for MP4/QuickTime media file processing.
Remediation
Upgrade GStreamer to version 1.10.3 or later as documented in the official GStreamer release notes at https://gstreamer.freedesktop.org/releases/1.10/#1.10.3. Linux distribution users should apply vendor-specific security updates: Debian users should reference DSA-3820, Red Hat users should apply RHSA-2017:2060, and Gentoo users should follow GLSA 201705-10. As a temporary mitigation until patching is complete, consider implementing input validation for media files from untrusted sources or isolating media processing operations in sandboxed environments to limit the impact of potential crashes.