Integer Overflow Vulnerability in GStreamer Good Plug-ins by GStreamer
CVE-2009-1932

Currently unrated

Key Information:

Vendor

Gstreamer

Status
Good Plug-ins
Vendor
CVE Published:
4 June 2009

What is CVE-2009-1932?

Multiple integer overflow vulnerabilities exist in the GStreamer Good Plug-ins, specifically within the user_info_callback, user_endrow_callback, and gst_pngdec_task functions. An attacker may exploit these vulnerabilities by crafting a malicious PNG file, leading to potential denial of service or even arbitrary code execution. Users of GStreamer Good Plug-ins are advised to update to secure their systems against these risks.

References

http://secunia.com/advisories/35777
third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/35583
third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1506
vdb-entryx_refsource_VUPEN

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.