Off-by-one error in the gst_h264_parse_set_caps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9809