1
PublicDateAtUSN: 2009-02-03
2
Candidate: CVE-2009-0397
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0397
6
https://usn.ubuntu.com/usn/usn-736-1
8
Heap-based buffer overflow in the qtdemux_parse_samples function in
9
gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good)
10
0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins)
11
0.8.5, might allow remote attackers to execute arbitrary code via crafted
12
Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov
17
vendor: https://bugzilla.redhat.com/show_bug.cgi?id=481267
18
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514177
19
https://bugs.launchpad.net/ubuntu/+source/gst-plugins-good0.10/+bug/325261
24
Patches_gst-plugins-good0.10:
25
upstream: http://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=bdc20b9baf13564d9a061343416395f8f9a92b53 (1st part)
26
upstream_gst-plugins-good0.10: released (0.10.13-1)
27
dapper_gst-plugins-good0.10: not-affected (code not present)
28
gutsy_gst-plugins-good0.10: released (0.10.6-0ubuntu4.2)
29
hardy_gst-plugins-good0.10: released (0.10.7-3ubuntu0.2)
30
intrepid_gst-plugins-good0.10: released (0.10.10.4-1ubuntu1.1)
31
jaunty_gst-plugins-good0.10: not-affected (0.10.13-2)
32
karmic_gst-plugins-good0.10: not-affected (0.10.13-2)
33
devel_gst-plugins-good0.10: not-affected (0.10.13-2)
35
Patches_gst-plugins-bad0.10:
36
upstream: http://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=bdc20b9baf13564d9a061343416395f8f9a92b53 (1st part)
37
upstream_gst-plugins-bad0.10: needs-triage
38
dapper_gst-plugins-bad0.10: ignored (reached end-of-life)
39
gutsy_gst-plugins-bad0.10: not-affected (code not present)
40
hardy_gst-plugins-bad0.10: not-affected (code not present)
41
intrepid_gst-plugins-bad0.10: not-affected (code not present)
42
jaunty_gst-plugins-bad0.10: not-affected (code not present)
43
karmic_gst-plugins-bad0.10: not-affected (code not present)
44
devel_gst-plugins-bad0.10: not-affected (code not present)
46
Patches_gst-plugins0.8:
47
upstream: http://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=bdc20b9baf13564d9a061343416395f8f9a92b53
48
upstream_gst-plugins0.8: needs-triage
49
dapper_gst-plugins0.8: ignored (reached end-of-life)
50
gutsy_gst-plugins0.8: DNE
51
hardy_gst-plugins0.8: DNE
52
intrepid_gst-plugins0.8: DNE
53
jaunty_gst-plugins0.8: DNE
54
karmic_gst-plugins0.8: DNE
55
devel_gst-plugins0.8: DNE