What is the severity of CVE-2016-9807?

CVE-2016-9807 has a severity rating that indicates it allows for denial of service through invalid memory access.

How do I fix CVE-2016-9807?

To fix CVE-2016-9807, you should upgrade GStreamer to version 1.10.2 or later.

What causes the vulnerability in CVE-2016-9807?

CVE-2016-9807 is caused by the flx_decode_chunks function allowing remote attackers to exploit crafted FLIC files.

What impact does CVE-2016-9807 have on systems?

The impact of CVE-2016-9807 on systems includes potential crashes due to invalid memory reads.

Is CVE-2016-9807 present in GStreamer versions after 1.10.1?

Yes, CVE-2016-9807 is present in GStreamer versions 1.10.1 and earlier.

Vulnerability/
CVE-2016-9807

medium

5.5

CWE

125

13/1/2017

6/8/2024

CVE-2016-9807

First published: Fri Jan 13 2017(Updated: )

The flx_decode_chunks function in gst/flx/gstflxdec.c in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted FLIC file.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Moonlight	<=1.10.1

Remedy

https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=153a8ae752c90d07190ef45803422a4f71ea8bff

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-9807?
CVE-2016-9807 has a severity rating that indicates it allows for denial of service through invalid memory access.
How do I fix CVE-2016-9807?
To fix CVE-2016-9807, you should upgrade GStreamer to version 1.10.2 or later.
What causes the vulnerability in CVE-2016-9807?
CVE-2016-9807 is caused by the flx_decode_chunks function allowing remote attackers to exploit crafted FLIC files.
What impact does CVE-2016-9807 have on systems?
The impact of CVE-2016-9807 on systems includes potential crashes due to invalid memory reads.
Is CVE-2016-9807 present in GStreamer versions after 1.10.1?
Yes, CVE-2016-9807 is present in GStreamer versions 1.10.1 and earlier.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/author
agent/weakness
agent/severity
agent/remedy
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/gstreamer
canonical/moonlight
version/moonlight/1.10.1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.