CVE-2009-0397 in Good Plug-insinfo

Summary

Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

02/02/2009

Disclosure

02/03/2009

Moderation

VulDB entry created

Entries

1: VDB-46255

CPE

ready

CWE

CWE-119 (Confirmed)

CVSS

10.0

EPSS

0.08122

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2009-0397
NVD	https://nvd.nist.gov/vuln/detail/CVE-2009-0397
CVE Details	https://www.cvedetails.com/cve/CVE-2009-0397/

◂ Previous Overview Next ▸