Summary: | media-libs/gst-plugins-good <0.10.13 QuickTime Heap-based buffer overflows (CVE-2009-{0386,0387,0397,0398}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Robert Buchholz (RETIRED) <rbu> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | gstreamer, pacho |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=481267 | ||
Whiteboard: | A2 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 266986 |
Description
Robert Buchholz (RETIRED)
2009-01-23 16:38:58 UTC
(In reply to comment #0) > Also, could you please clarify which ebuilds ship and build the file qtdemux.c media-libs/gst-plugins-good - that is, it's not introducing extra deps and therefore not split to a separate package. 0.10.13 with only this fix has been released upstream CVE-2009-0386 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0386): Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 might allow remote attackers to execute arbitrary code via crafted Composition Time To Sample (ctts) atom data in a malformed QuickTime media .mov file. CVE-2009-0387 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0387): Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted Sync Sample (aka stss) atom data in a malformed QuickTime media .mov file, related to "mark keyframes." CVE-2009-0397 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0397): Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file. CVE-2009-0398 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0398): Array index error in the gst_qtp_trak_handler function in gst/qtdemux/qtdemux.c in GStreamer Plug-ins (aka gstreamer-plugins) 0.6.0 allows remote attackers to have an unknown impact via a crafted QuickTime media file. Adding the stabilization bug as a dep GLSA 200907-11 |