CVE-2009-0397
03.02.2009, 11:30
Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file.Enginsight
Vendor | Product | Version |
---|---|---|
gstreamer | good_plug-ins | 0.10.9 |
gstreamer | good_plug-ins | 0.10.10 |
gstreamer | good_plug-ins | 0.10.11 |
gstreamer | plug-ins | 0.8.5 |
𝑥
= Vulnerable software versions

Ubuntu Releases
Ubuntu Product | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
gst-plugins-bad0.10 |
| ||||||||||||
gst-plugins-good0.10 |
| ||||||||||||
gst-plugins0.8 |
|
Common Weakness Enumeration
References