exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2009-0397

Status Candidate

Overview

Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file.

Related Files

Gentoo Linux Security Advisory 200907-11
Posted Jul 13, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200907-11 - Multiple vulnerabilities in multiple GStreamer plug-ins might allow for the execution of arbitrary code. Versions less than 0.10.14 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2009-0386, CVE-2009-0387, CVE-2009-0397, CVE-2009-0586, CVE-2009-1932
SHA-256 | 65f2ad848313d3757203dc621dcf67f90a500f586c6f01936864f1b497f45c65
Ubuntu Security Notice 736-1
Posted Mar 16, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-736-1 - It was discovered that GStreamer Good Plugins did not correctly handle malformed Composition Time To Sample (ctts) atom data in Quicktime (mov) movie files. If a user were tricked into opening a crafted mov file, an attacker could execute arbitrary code with the privileges of the user invoking the program. It was discovered that GStreamer Good Plugins did not correctly handle malformed Sync Sample (aka stss) atom data in Quicktime (mov) movie files. If a user were tricked into opening a crafted mov file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that GStreamer Good Plugins did not correctly handle malformed Time-to-sample (aka stts) atom data in Quicktime (mov) movie files. If a user were tricked into opening a crafted mov file, an attacker could execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-0386, CVE-2009-0387, CVE-2009-0397
SHA-256 | e96fd857e4e7e1dc33b464d15c6b61d1bc385283c3b430689d54b60a852623f3
Debian Linux Security Advisory 1729-1
Posted Mar 2, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1729-1 - Several vulnerabilities have been found in gst-plugins-bad0.10, a collection of various GStreamer plugins.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2009-0386, CVE-2009-0387, CVE-2009-0397
SHA-256 | bd7632e5aeca4ad66f55586ac401d00d1c0fccd151a6fab63225619d970fb44f
Mandriva Linux Security Advisory 2009-035
Posted Feb 11, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-035 - Security vulnerabilities have been discovered and corrected in gstreamer0.10-plugins-good, might allow remote attackers to execute arbitrary code via a malformed QuickTime media file. The updated packages have been patched to prevent this.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2009-0386, CVE-2009-0387, CVE-2009-0397
SHA-256 | 172994b9d9ea19facad0b14db1988ec0a0bcd56dc7e5e711bae7204b1e51c582
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close