The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file.
The product divides a value by zero.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Gstreamer | Gstreamer_project | * | 1.10.2 (including) |
| Red Hat Enterprise Linux 7 | RedHat | clutter-gst2-0:2.0.18-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gnome-video-effects-0:0.4.3-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gstreamer1-0:1.10.4-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gstreamer1-plugins-bad-free-0:1.10.4-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gstreamer1-plugins-base-0:1.10.4-1.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gstreamer1-plugins-good-0:1.10.4-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gstreamer-plugins-bad-free-0:0.10.23-23.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | gstreamer-plugins-good-0:0.10.31-13.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | orc-0:0.4.26-1.el7 | * |
| Gst-plugins-base0.10 | Ubuntu | precise | * |
| Gst-plugins-base0.10 | Ubuntu | trusty | * |
| Gst-plugins-base0.10 | Ubuntu | upstream | * |
| Gst-plugins-base0.10 | Ubuntu | vivid/stable-phone-overlay | * |
| Gst-plugins-base0.10 | Ubuntu | xenial | * |
| Gst-plugins-base1.0 | Ubuntu | trusty | * |
| Gst-plugins-base1.0 | Ubuntu | upstream | * |
| Gst-plugins-base1.0 | Ubuntu | vivid/stable-phone-overlay | * |
| Gst-plugins-base1.0 | Ubuntu | xenial | * |
| Gst-plugins-base1.0 | Ubuntu | yakkety | * |