CVE-2009-0398

NameCVE-2009-0398
DescriptionArray index error in the gst_qtp_trak_handler function in gst/qtdemux/qtdemux.c in GStreamer Plug-ins (aka gstreamer-plugins) 0.6.0 allows remote attackers to have an unknown impact via a crafted QuickTime media file.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
gst-plugins-bad0.10 (PTS)jessie, jessie (lts)0.10.23-7.4+deb8u5fixed
gst-plugins-good0.10 (PTS)jessie, jessie (lts)0.10.31-3+nmu4+deb8u3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
gst-plugins-bad0.10source(unstable)(not affected)
gst-plugins-good0.10source(unstable)(not affected)

Notes

- gst-plugins-good0.10 <not-affected> (Vulnerable code not present)
- gst-plugins-bad0.10 <not-affected> (Vulnerable code not present)
Search for package or bug name: Reporting problems