Search Results (Refine Search)
- Keyword (text search): gstreamer
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2009-0586 |
Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) before 0.10.23 in GStreamer allows context-dependent attackers to execute arbitrary code via a crafted COVERART tag that is converted from a base64 representation, which triggers a heap-based buffer overflow. Published: March 14, 2009; 2:30:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2009-0398 |
Array index error in the gst_qtp_trak_handler function in gst/qtdemux/qtdemux.c in GStreamer Plug-ins (aka gstreamer-plugins) 0.6.0 allows remote attackers to have an unknown impact via a crafted QuickTime media file. Published: February 03, 2009; 6:30:00 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2009-0397 |
Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file. Published: February 03, 2009; 6:30:00 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2009-0387 |
Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted Sync Sample (aka stss) atom data in a malformed QuickTime media .mov file, related to "mark keyframes." Published: February 02, 2009; 2:30:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2009-0386 |
Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 might allow remote attackers to execute arbitrary code via crafted Composition Time To Sample (ctts) atom data in a malformed QuickTime media .mov file. Published: February 02, 2009; 2:30:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-3230 |
The ffmpeg lavf demuxer allows user-assisted attackers to cause a denial of service (application crash) via a crafted GIF file, possibly related to gstreamer, as demonstrated by lol-giftopnm.gif. Published: July 18, 2008; 12:41:00 PM -0400 |
V3.x:(not available) V2.0: 1.9 LOW |
CVE-2006-4192 |
Multiple buffer overflows in MODPlug Tracker (OpenMPT) 1.17.02.43 and earlier and libmodplug 0.8 and earlier, as used in GStreamer and possibly other products, allow user-assisted remote attackers to execute arbitrary code via (1) long strings in ITP files used by the CSoundFile::ReadITProject function in soundlib/Load_it.cpp and (2) crafted modules used by the CSoundFile::ReadSample function in soundlib/Sndfile.cpp, as demonstrated by crafted AMF files. Published: August 16, 2006; 9:04:00 PM -0400 |
V3.x:(not available) V2.0: 5.1 MEDIUM |
CVE-2005-4048 |
Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes. Published: December 07, 2005; 6:03:00 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |