Bug#512818: SA33650: QuickTime Processing Vulnerabilities
Raphael Geissert
atomo64 at gmail.com
Sat Jan 24 02:10:58 UTC 2009
Source: gstreamer0.10-plugins-good
Severity: grave
Version: 0.10.8-4
Tags: security
Hi,
The following SA (Secunia Advisory) id was published for interchange.
SA33650[1]:
> Tobias Klein has reported some vulnerabilities in GStreamer Good Plug-ins,
> which can potentially be exploited by malicious people to compromise a
> vulnerable system.
>
> 1) A boundary error occurs within the "qtdemux_parse_samples()" function in
> gst/gtdemux/qtdemux.c when performing QuickTime "ctts" Atom parsing. This
> can be exploited to cause a heap-based buffer overflow via a specially
> crafted QuickTime media file.
>
> 2) An array indexing error exists in the "qtdemux_parse_samples()" function
> in gst/gtdemux/qtdemux.c when performing QuickTime "stss" Atom parsing.
> This can be exploited to corrupt memory via a specially crafted QuickTime
> media file.
>
> 3) A boundary error occurs within the "qtdemux_parse_samples()" function in
> gst/gtdemux/qtdemux.c when performing QuickTime "stts" Atom parsing. This
> can be exploited to cause a heap-based buffer overflow via a specially
> crafted QuickTime media file.
>
> These vulnerabilities are reported in versions prior to 0.10.12.
The original advisory can be found at [2].
If you fix the vulnerability please also make sure to include the CVE id, when
one is assigned, in the changelog entry.
[1]http://secunia.com/Advisories/33650/
[2]http://trapkit.de/advisories/TKADV2009-003.txt
Cheers,
--
Raphael Geissert - Debian Maintainer
www.debian.org - get.debian.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
Url : http://lists.alioth.debian.org/pipermail/pkg-gstreamer-maintainers/attachments/20090123/61b63af6/attachment.pgp
More information about the Pkg-gstreamer-maintainers
mailing list