Vulnerabilities > Gstreamer > Good Plug INS

DATE CVE VULNERABILITY TITLE RISK
2009-06-04 CVE-2009-1932 Numeric Errors vulnerability in Gstreamer Good Plug-Ins 0.10.15
Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow.
network
gstreamer CWE-189
6.8
2009-02-03 CVE-2009-0397 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Gstreamer Good Plug-Ins and Plug-Ins
Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file.
network
gstreamer CWE-119
critical
9.3
2009-02-02 CVE-2009-0387 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Gstreamer Good Plug-Ins and Plug-Ins
Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted Sync Sample (aka stss) atom data in a malformed QuickTime media .mov file, related to "mark keyframes."
network
gstreamer CWE-119
critical
9.3
2009-02-02 CVE-2009-0386 Buffer Errors vulnerability in Gstreamer Good Plug-Ins 0.10.10/0.10.11/0.10.9
Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 might allow remote attackers to execute arbitrary code via crafted Composition Time To Sample (ctts) atom data in a malformed QuickTime media .mov file.
network
gstreamer CWE-119
critical
9.3