RSS   Vulnerabilities for 'Plug-ins'   RSS

2009-02-03
 
CVE-2009-0398

CWE-119
 

 
Array index error in the gst_qtp_trak_handler function in gst/qtdemux/qtdemux.c in GStreamer Plug-ins (aka gstreamer-plugins) 0.6.0 allows remote attackers to have an unknown impact via a crafted QuickTime media file.

 
 
CVE-2009-0397

CWE-119
 

 
Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file.

 
2009-02-02
 
CVE-2009-0387

CWE-119
 

 
Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted Sync Sample (aka stss) atom data in a malformed QuickTime media .mov file, related to "mark keyframes."

 

 >>> Vendor: Gstreamer 4 Products
Good plug-ins
Plug-ins
Gst-plugins-base
Gstreamer


Copyright 2024, cxsecurity.com

 

Back to Top