CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
84.6%
Integer overflow in the gst_vorbis_tag_add_coverart function
(gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka
gstreamer-plugins-base) before 0.10.23 in GStreamer allows
context-dependent attackers to execute arbitrary code via a crafted
COVERART tag that is converted from a base64 representation, which triggers
a heap-based buffer overflow.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 8.10 | noarch | gst-plugins-base0.10 | <Β 0.10.21-3ubuntu0.1 | UNKNOWN |