CVE-2009-0397

Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:gstreamer:good_plug-ins:0.10.9:*:*:*:*:*:*:*
cpe:2.3:a:gstreamer:good_plug-ins:0.10.10:*:*:*:*:*:*:*
cpe:2.3:a:gstreamer:good_plug-ins:0.10.11:*:*:*:*:*:*:*
cpe:2.3:a:gstreamer:plug-ins:0.8.5:*:*:*:*:*:*:*

History

No history.

Information

Published : 2009-02-03 11:30

Updated : 2024-02-04 17:33


NVD link : CVE-2009-0397

Mitre link : CVE-2009-0397

CVE.ORG link : CVE-2009-0397


JSON object : View

Products Affected

gstreamer

  • plug-ins
  • good_plug-ins
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer