Vulnerabilities > Gstreamer > Good Plug INS > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-02-03 | CVE-2009-0397 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Gstreamer Good Plug-Ins and Plug-Ins Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file. | 9.3 |
| 2009-02-02 | CVE-2009-0386 | Buffer Errors vulnerability in Gstreamer Good Plug-Ins 0.10.10/0.10.11/0.10.9 Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 might allow remote attackers to execute arbitrary code via crafted Composition Time To Sample (ctts) atom data in a malformed QuickTime media .mov file. | 9.3 |
| 2009-02-02 | CVE-2009-0387 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Gstreamer Good Plug-Ins and Plug-Ins Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted Sync Sample (aka stss) atom data in a malformed QuickTime media .mov file, related to "mark keyframes." | 9.3 |