Lucene search
MICHAEL RANDRIANANTENAINA [https://elkamika.blogspot.com/]ZDI-24-467HistoryMay 17, 2024 - 12:00 a.m.
GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability
2024-05-1700:00:00
MICHAEL RANDRIANANTENAINA [https://elkamika.blogspot.com/]
www.zerodayinitiative.com
2
gstreamer
remote code execution
exif metadata
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of EXIF metadata. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
openvas
openvas
Ubuntu: Security Advisory (USN-6798-1)
2024-05-30 00:00:00
Debian: Security Advisory (DLA-3824-1)
2024-05-31 00:00:00
openSUSE: Security Advisory for gstreamer (SUSE-SU-2024:1882-1)
2024-06-05 00:00:00
ubuntucve
ubuntucve
CVE-2024-4453
2024-05-23 00:00:00
debiancve
debiancve
CVE-2024-4453
2024-05-22 20:15:09
osv
osv
gst-plugins-base1.0 vulnerability
2024-05-29 14:58:02
gst-plugins-base1.0 - security update
2024-05-30 00:00:00
CVE-2024-4453
2024-05-22 20:15:09
nessus
nessus
Debian dsa-5702 : gir1.2-gst-plugins-base-1.0 - security update
2024-06-03 00:00:00
vulnrichment
vulnrichment
debian
debian
[SECURITY] [DSA 5702-1] gst-plugins-base1.0 security update
2024-06-01 07:21:04
[SECURITY] [DLA 3824-1] gst-plugins-base1.0 security update
2024-05-30 20:59:31
cvelist
cvelist
ubuntu
ubuntu
GStreamer Base Plugins vulnerability
2024-05-29 00:00:00
nvd
nvd
CVE-2024-4453
2024-05-22 20:15:09
cve
cve
CVE-2024-4453
2024-05-22 20:15:09
redhatcve
redhatcve
CVE-2024-4453
2024-05-23 14:56:41
mageia
mageia
Updated 0-plugins-base packages fix security vulnerability
2024-06-08 19:34:17