Vulnerabilities > Gstreamer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-05-14 | CVE-2015-0797 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file. | 6.8 |
| 2009-06-04 | CVE-2009-1932 | Numeric Errors vulnerability in Gstreamer Good Plug-Ins 0.10.15 Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow. | 6.8 |
| 2009-02-03 | CVE-2009-0398 | Buffer Errors vulnerability in Gstreamer Plug-Ins 0.6.0 Array index error in the gst_qtp_trak_handler function in gst/qtdemux/qtdemux.c in GStreamer Plug-ins (aka gstreamer-plugins) 0.6.0 allows remote attackers to have an unknown impact via a crafted QuickTime media file. | 9.3 |
| 2009-02-03 | CVE-2009-0397 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Gstreamer Good Plug-Ins and Plug-Ins Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file. | 9.3 |
| 2009-02-02 | CVE-2009-0387 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Gstreamer Good Plug-Ins and Plug-Ins Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted Sync Sample (aka stss) atom data in a malformed QuickTime media .mov file, related to "mark keyframes." | 9.3 |
| 2009-02-02 | CVE-2009-0386 | Buffer Errors vulnerability in Gstreamer Good Plug-Ins 0.10.10/0.10.11/0.10.9 Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 might allow remote attackers to execute arbitrary code via crafted Composition Time To Sample (ctts) atom data in a malformed QuickTime media .mov file. | 9.3 |