CVE-2016-9447

{"id": "CVE-2016-9447", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2017-01-23T21:59:03.127", "references": [{"url": "http://rhn.redhat.com/errata/RHSA-2016-2974.html", "source": "security@opentext.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2017-0018.html", "source": "security@opentext.com"}, {"url": "http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html", "source": "security@opentext.com"}, {"url": "http://www.openwall.com/lists/oss-security/2016/11/18/12", "source": "security@opentext.com"}, {"url": "http://www.openwall.com/lists/oss-security/2016/11/18/13", "source": "security@opentext.com"}, {"url": "http://www.securityfocus.com/bid/94427", "source": "security@opentext.com"}, {"url": "https://security.gentoo.org/glsa/201705-10", "source": "security@opentext.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-2974.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2017-0018.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2016/11/18/12", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2016/11/18/13", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/94427", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.gentoo.org/glsa/201705-10", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-125"}, {"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "The ROM mappings in the NSF decoder in gstreamer 0.10.x allow remote attackers to cause a denial of service (out-of-bounds read or write) and possibly execute arbitrary code via a crafted NSF music file."}, {"lang": "es", "value": "Los mapeos ROM en el decodificador NSF en gstreamer 0.10.x permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (lectura o escritura fuera de l\u00edmites) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo de m\u00fasica NSF manipulado."}], "lastModified": "2026-03-17T15:52:33.870", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CABCEA7-47FE-4B3B-9556-FB8CDEAD4CDE"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4ABB6BA-BC7C-4DEF-8D56-7101EB5F9745"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA03BFEE-ED65-483F-AF60-FCF0B85F6D64"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82EFDF82-DD6F-4825-82D6-3409B000403D"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D81E127-8840-4757-806C-A19DC2C918FB"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF2BBF67-A54C-47C4-B81A-67150A159959"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE6FFD5F-3EA4-43EF-9CED-BEF6146D5FFE"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35DFA5A9-9E3B-453D-89F8-EF9F7CBF1A1E"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B26F0FF-2C0A-42B6-8B2C-FE5899F2EDFB"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD083B38-280D-4770-B7F1-335F9A042C69"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68D24C7D-CA97-4E5A-B8EB-FA0975935A42"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB0FE9A8-D355-43C6-AA58-07E4146765F4"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44D1AE29-B8BB-4B30-BAE9-621559489B5E"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19AAEDF0-7DCF-4875-8353-9A9B22AAA741"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7C4B27F-533D-4F8F-8EE7-746E83C283EB"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D669FB3-F688-4D6C-A4AD-C30A527406A7"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE725461-3814-4105-8D18-50DA70692816"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3251ADA9-8701-466B-8270-4467E87CFDBC"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6457BE57-BBC8-4C7A-A30E-13C8822DFE0F"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F9B7A97-AAEF-4ECA-A286-C54D56B26E45"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60548FE0-E0ED-40D1-9DC3-629201DAE5BF"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F29CA4B6-A26C-4DFE-9B18-8BF36D6F1012"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.22:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FA04B72-5AA3-4114-B793-47A5D9251E49"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "956FBAF1-AD38-40D5-A355-19C7673243AD"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.24:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A822F28-63D0-409C-A7EB-0E292A59F1DF"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.25:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58A4B74D-1B65-4868-A34F-16F4AFEB0753"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.26:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F6D776B-B8E7-407A-83B9-EFFC127B9F23"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.27:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A9A15C0-AAD1-41B3-93B4-54CC020D0144"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.28:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79CA003D-1101-4C2C-8974-7DA03027A4A9"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.29:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67635C9C-681C-44B4-A64E-25DB0B585AD7"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7252F2D8-134C-48C5-AABF-3737F7536D5B"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E190525E-4FBC-4C95-895C-F829FFF49992"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A218BF5-C156-4ED0-8936-DC701373BFB2"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.33:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A4232D3-F26F-4598-AA10-71ACD5B47950"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.34:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57BC904F-54E5-4097-8166-A2FE7C9E3854"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C26CA87-2EFC-4F5B-8DF6-1B5F33869448"}, {"criteria": "cpe:2.3:a:gstreamer:gstreamer:0.10.36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61495A4D-3D75-4C26-8C08-49CC35179E0A"}], "operator": "OR"}]}], "sourceIdentifier": "security@opentext.com"}