1
Candidate: CVE-2009-0586
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0586
5
https://usn.ubuntu.com/usn/usn-735-1
7
Integer overflow in the gst_vorbis_tag_add_coverart function
8
(gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka
9
gstreamer-plugins-base) before 0.10.23 in GStreamer allows
10
context-dependent attackers to execute arbitrary code via a crafted
11
COVERART tag that is converted from a base64 representation, which triggers
12
a heap-based buffer overflow.
20
Patches_gst-plugins-base0.10:
21
patch: http://ocert.org/patches/2008-015/gst-plugins-base-CVE-2009-0586.diff
22
upstream_gst-plugins-base0.10: needs-triage
23
dapper_gst-plugins-base0.10: not-affected (code not present)
24
gutsy_gst-plugins-base0.10: not-affected (code not present)
25
hardy_gst-plugins-base0.10: not-affected (code not present)
26
intrepid_gst-plugins-base0.10: released (0.10.21-3ubuntu0.1)
27
devel_gst-plugins-base0.10: not-affected (0.10.22-4)