Lucene search

3024 matches found

Prion
added 2009/04/08 6:30 p.m. | 18 views

Integer overflow

Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow...

CVSS 5 | AI score 8.4 | EPSS 0.05059
Exploits: 1 | References: 17 | Affected Software: 1
NVD
added 2009/04/08 6:30 p.m. | 14 views

CVE-2009-1274

Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow...

CVSS 5 | AI score 7.7 | EPSS 0.05059
Exploits: 1 | References: 17
Cvelist
added 2009/04/08 6:0 p.m. | 29 views

CVE-2009-1274

Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow...

AI score 7.6 | EPSS 0.05059
Exploits: 1 | References: 17
CVE
added 2009/04/08 6:0 p.m. | 58 views

CVE-2009-1274

CVE-2009-1274 : xine-lib = 1.1.16.3, or apply vendor-provided patches/workarounds. In practice, affected products rely on updates such as Gentoo’s recommendation: emerge --sync && emerge --oneshot --verbose

CVSS 5 | AI score 7.8 | EPSS 0.05059
Exploits: 1 | References: 17 | Affected Software: 1
Debian CVE
added 2009/04/08 6:0 p.m. | 25 views

CVE-2009-1274

Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow...

CVSS 5 | AI score 7.6 | EPSS 0.05059
Exploits: 1
seebug.org
added 2009/04/08 12:0 a.m. | 22 views

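xine-lib STTS QuickTime Atom Integer Overflow Vulnerability

BUGTRAQ ID: 34384 xine is a free media player that supports multiple formats. xine-lib has an integer overflow vulnerability when parsing malformed STTS atoms in Quicktime movie files; a local or remote attacker can exploit this vulnerability to execute arbitrary code with the privileges of the application using the xine library. The following is the vulnerable code segment in /src/demuxers/demuxqt.c: ... 840 static qterror parsetrakatom qttrak trak, 841 unsigned char trakatom ... 1535 else if currentatom == STTSATOM 1536 1537 / there...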

AI score 6.9
Exploits: 0
securityvulns
added 2009/04/08 12:0 a.m. | 131 views

[TKADV2009-005] xine-lib Quicktime STTS Atom Integer Overflow

Advisory: xine-lib Quicktime STTS Atom Integer Overflow Advisory ID: TKADV2009-005 Revision: 1.0 Release Date: 2009/04/04 Last Modified: 2009/04/04 Date Reported: 2009/03/05 Author: Tobias Klein tk at trapkit.de Affected Software: xine-lib = version...

AI score 1
Exploits: 0
securityvulns
added 2009/04/08 12:0 a.m. | 64 views

xinelib library integer overflow

Integer overflow on Quicktime XTTS atom parsing...

AI score 5.4
Exploits: 0 | References: 1 | Affected Software: 2
seebug.org
added 2009/04/07 12:0 a.m. | 23 views

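xine-lib STTS QuickTime Atom Remote Buffer Overflow Vulnerability

BUGTRAQ ID: 34384 CNCAN ID:CNCAN-2009040705 xine-lib is a multimedia decoding program. xine-lib has an integer overflow error when processing STTS Quicktime atoms; a remote attacker can exploit the vulnerability to execute arbitrary instructions with the application's privileges. Constructing a special Quicktime file and enticing a user to parse it can trigger this vulnerability and execute arbitrary instructions with the application's privileges. xine xine-lib 1.1.16 2 xine xine-lib 1.1.16 1 xine xine-lib 1.1.16 xine xine-lib 1.1.15 xine xine-lib 1.1.14 xine xine-li...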

AI score 6.9
Exploits: 0
OpenVAS
added 2009/04/06 12:0 a.m. | 21 views

Mandrake Security Advisory MDVSA-2009:086 (gstreamer-plugins)

The remote host is missing an update to gstreamer-plugins announced via advisory MDVSA-2009:086. OpenVAS Vulnerability Test $Id: mdksa2009086.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:086 gstreamer-plugins Authors: Thomas Reinke Copyright:...

CVSS 9.3 | AI score 1.1 | EPSS 0.0319
Exploits: 1
OpenVAS
added 2009/04/06 12:0 a.m. | 29 views

Mandrake Security Advisory MDVSA-2009:086 (gstreamer-plugins)

The remote host is missing an update to gstreamer-plugins announced via advisory MDVSA-2009:086. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 9.3 | AI score 6.4 | EPSS 0.0319
Exploits: 1 | References: 1
FreeBSD
added 2009/04/04 12:0 a.m. | 35 views

libxine -- multiple vulnerabilities

xine developers report: Fix another possible int overflow in the 4XM demuxer. ref. TKADV2009-004, CVE-2009-0385 Fix an integer overflow in the Quicktime demuxer...

CVSS 9.3 | AI score 6.7 | EPSS 0.06664
Exploits: 2 | References: 3
Tenable Nessus
added 2009/03/31 12:0 a.m. | 29 views

QuickTime < 7.6.6 Multiple Vulnerabilities

Binary data 801207.prm...

CVSS 9.3 | AI score 8.2 | EPSS 0.18573
Exploits: 12 | References: 19
Tenable Nessus
added 2009/03/31 12:0 a.m. | 27 views

QuickTime < 7.6.6 Multiple Vulnerabilities

Binary data 5492.prm...

CVSS 9.3 | AI score 8.2 | EPSS 0.18573
Exploits: 12 | References: 19
OpenVAS
added 2009/03/20 12:0 a.m. | 28 views

Ubuntu USN-736-1 (gst-plugins-good0.10)

The remote host is missing an update to gst-plugins-good0.10 announced via advisory USN-736-1. OpenVAS Vulnerability Test $Id: ubuntu7361.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-736-1...

CVSS 9.3 | AI score 1.1 | EPSS 0.09854
Exploits: 9 | References: 1
VulnCheck KEV
added 2009/03/20 12:0 a.m. | 0 views

VulnCheck KEV: CVE-2007-0015

Buffer overflow in Apple QuickTime 7.1.3 allows remote attackers to execute arbitrary code via a long rtsp:// URI...

CVSS 6.8 | AI score 6.2 | EPSS 0.48139
Exploits: 10 | References: 1
OpenVAS
added 2009/03/19 12:0 a.m. | 28 views

Ubuntu: Security Advisory (USN-736-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.3 | AI score 6.5 | EPSS 0.07147
Exploits: 3 | References: 2
Metasploit
added 2009/03/18 11:28 p.m. | 19 views

MacOS X QuickTime RTSP Content-Type Overflow

This module exploits a stack-based buffer overflow in Apple QuickTime before version 7.3.1. By sending an overly long RTSP response to a client, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

CVSS 9.3 | AI score 0.7 | EPSS 0.41916
Exploits: 10
Tenable Nessus
added 2009/03/17 12:0 a.m. | 33 views

FreeBSD : gstreamer-plugins-good -- multiple memory overflows (37a365ed-1269-11de-a964-0030843d3802)

Secunia reports : Tobias Klein has reported some vulnerabilities in GStreamer Good Plug-ins, which can potentially be exploited by malicious people to compromise a vulnerable system. A boundary error occurs within the 'qtdemuxparsesamples' function in gst/gtdemux/qtdemux.c when performing QuickTi...

CVSS 9.3 | AI score 5.6 | EPSS 0.07147
Exploits: 3 | References: 6
Ubuntu
added 2009/03/16 8:38 p.m. | 51 views

USN-736-1: GStreamer Good Plugins vulnerabilities

It was discovered that GStreamer Good Plugins did not correctly handle malformed Composition Time To Sample (ctts) atom data in Quicktime (mov) movie files. If a user were tricked into opening a crafted mov file, an attacker could execute arbitrary code with the privileges of the user invoking the...

CVSS 9.3 | AI score 5.9 | EPSS 0.07147
Exploits: 3