Multiple use-after-free vulnerabilities in the (1) gst_mini_object_unref, (2) gst_tag_list_unref, and (3) gst_mxf_demux_update_essence_tracks functions in GStreamer prior to 1.10.3 allow remote malicious users to cause a denial of service (crash) via vectors involving stream tags, as demonstrated by 02785736.mxf.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gstreamer project gstreamer |