Moss

**Name of the Vulnerable Software and Affected Versions** GStreamer (affected versions not specified) **Description** A heap buffer overflow exists in the librfb (RFB/VNC client) component of GStreamer. The issue occurs because the rectangle bounds check validates the total area instead of individual dimensions. This allows a malicious VNC server to send a rectangle that extends beyond the framebuffer, leading to an out-of-bounds heap write. A remote attacker could exploit this by tricking a user into connecting to a malicious VNC server, potentially resulting in code execution or a system crash. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GStreamer (affected versions not specified) **Description** Multiple out-of-bounds read issues exist in the `pcapparse` element. Malformed PCAP records can trigger reads beyond buffer boundaries during the parsing of IPv4 and TCP headers. A local attacker could induce a user to process a specially crafted PCAP file, which may result in information disclosure or a system crash. This element is mainly utilized in debugging pipelines. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GStreamer (affected versions not specified) **Description** A signed integer overflow exists in the VMnc decoder. A specially crafted VMnc stream containing large cursor dimensions can cause an overflow in signed integer payload-size arithmetic. This allows the bypass of a length check, resulting in out-of-bounds reads, which occur when a program reads data past the end of the intended buffer. A remote attacker could exploit this by tricking a user into opening a malicious VMnc file, potentially leading to information disclosure or a system crash. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.