BIT-JAVA-2024-47597 GHSL-2024-245: GStreamer has an OOB-read in qtdemux_parse_samples

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been detected in the function qtdemuxparsesamples within qtdemux.c. This issue arises when the function qtdemuxparsesamples reads data beyond the boundaries of the stream-stco buffer. The following code...

gstreamer1-plugins-good: OOB-read in qtdemux_parse_samples

A flaw was found in the GStreamer library. Multiple out-of-bounds reads in the MP4/MOV demuxer's sample table parsing and a lack of error checking can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash...

SUSE CVE-2024-47597

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been detected in the function qtdemuxparsesamples within qtdemux.c. This issue arises when the function qtdemuxparsesamples reads data beyond the boundaries of the stream-stco buffer. The following code...

DEBIAN-CVE-2024-47597

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been detected in the function qtdemuxparsesamples within qtdemux.c. This issue arises when the function qtdemuxparsesamples reads data beyond the boundaries of the stream-stco buffer. The following code...

AZL-62384 CVE-2024-47597 affecting package gstreamer1 1.20.0-2

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been detected in the function qtdemuxparsesamples within qtdemux.c. This issue arises when the function qtdemuxparsesamples reads data beyond the boundaries of the stream-stco buffer. The following code...

GStreamer 缓冲区错误漏洞

GStreamer is an open source set of frameworks for processing streaming media from GStreamer. A buffer error vulnerability exists in GStreamer versions prior to 1.24.10, which stems from an out-of-bounds read detected in the qtdemuxparsesamples function in qtdemux.c. The vulnerability is caused by...

SUSE CVE-2009-0387

Array index error in the qtdemuxparsesamples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins aka gst-plugins-good 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted Sync Sample aka stss atom da...

SUSE CVE-2009-0397

Heap-based buffer overflow in the qtdemuxparsesamples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins aka gst-plugins-good 0.10.9 through 0.10.11, and GStreamer Plug-ins aka gstreamer-plugins 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample aka...

SUSE CVE-2017-5840

The qtdemuxparsesamples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service out-of-bounds heap read via vectors involving the current stts index...

ALPINE-CVE-2017-5840

The qtdemuxparsesamples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service out-of-bounds heap read via vectors involving the current stts index...

UBUNTU-CVE-2017-5840

The qtdemuxparsesamples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service out-of-bounds heap read via vectors involving the current stts index...

gstreamer-plugins-good: heap-based buffer overflow while parsing malformed QuickTime media files via crafted Time-to-sample (stss) atom data

Heap-based buffer overflow in the qtdemuxparsesamples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins aka gst-plugins-good 0.10.9 through 0.10.11, and GStreamer Plug-ins aka gstreamer-plugins 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample aka...

PYSEC-2009-16

Heap-based buffer overflow in the qtdemuxparsesamples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins aka gst-plugins-good 0.10.9 through 0.10.11, and GStreamer Plug-ins aka gstreamer-plugins 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample aka...

PYSEC-2009-14

Heap-based buffer overflow in the qtdemuxparsesamples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins aka gst-plugins-good 0.10.9 through 0.10.11 might allow remote attackers to execute arbitrary code via crafted Composition Time To Sample ctts atom data in a malformed QuickTime medi...