Lucene search
UbuntuUSN-735-1HistoryMar 16, 2009 - 12:00 a.m.
GStreamer Base Plugins vulnerability
2009-03-1600:00:00
ubuntu.com
40
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.1
Confidence
Low
EPSS
0.011
Percentile
84.6%
Releases
- Ubuntu 8.10
Packages
- gst-plugins-base0.10 -
Details
It was discovered that the Base64 decoding functions in GStreamer Base
Plugins did not properly handle large images in Vorbis file tags. If a user
were tricked into opening a specially crafted Vorbis file, an attacker
could possibly execute arbitrary code with user privileges.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 8.10 | noarch | gstreamer0.10-plugins-base | <Β 0.10.21-3ubuntu0.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | gstreamer0.10-alsa | <Β 0.10.21-3ubuntu0.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | gstreamer0.10-gnomevfs | <Β 0.10.21-3ubuntu0.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | gstreamer0.10-plugins-base-apps | <Β 0.10.21-3ubuntu0.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | gstreamer0.10-plugins-base-dbg | <Β 0.10.21-3ubuntu0.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | gstreamer0.10-x | <Β 0.10.21-3ubuntu0.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | libgstreamer-plugins-base0.10-0 | <Β 0.10.21-3ubuntu0.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | libgstreamer-plugins-base0.10-dev | <Β 0.10.21-3ubuntu0.1 | UNKNOWN |
References
Related
openvas
openvas
CentOS Security Advisory CESA-2009:0352 (gstreamer-plugins-base)
2009-04-15 00:00:00
SLES11: Security update for gstreamer
2009-10-11 00:00:00
CentOS Security Advisory CESA-2009:0352 (gstreamer-plugins-base)
2009-04-15 00:00:00
nessus
nessus
RHEL 5 : gstreamer-plugins-base (RHSA-2009:0352)
2009-04-07 00:00:00
SuSE 11 Security Update : gstreamer (SAT Patch Number 742)
2009-09-24 00:00:00
Oracle Linux 5 : gstreamer-plugins-base (ELSA-2009-0352)
2013-07-12 00:00:00
cve
cve
CVE-2009-0586
2009-03-14 18:30:00
centos
centos
gstreamer security update
2009-04-08 12:04:31
cvelist
cvelist
CVE-2009-0586
2009-03-14 18:00:00
redhat
redhat
(RHSA-2009:0352) Moderate: gstreamer-plugins-base security update
2009-04-06 00:00:00
ubuntucve
ubuntucve
CVE-2009-0586
2009-03-14 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:31:56
prion
prion
Integer overflow
2009-03-14 18:30:00
nvd
nvd
CVE-2009-0586
2009-03-14 18:30:00
oraclelinux
oraclelinux
gstreamer-plugins-base security update
2009-04-06 00:00:00
securityvulns
securityvulns
glib library memory corruption
2009-03-15 00:00:00
[oCERT-2008-015] glib and glib-predecessor heap overflows
2009-03-15 00:00:00
seebug
seebug
GNOME glib Base64ηΌη 解η ε€δΈͺζ΄ζ°ζΊ’εΊζΌζ΄
2009-03-14 00:00:00
gentoo
gentoo
GStreamer plug-ins: User-assisted execution of arbitrary code
2009-07-12 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.1
Confidence
Low
EPSS
0.011
Percentile
84.6%
Related for USN-735-1