Executive Summary
Summary | |
---|---|
Title | GStreamer plug-ins: User-assisted execution of arbitrary code |
Informations | |||
---|---|---|---|
Name | GLSA-200907-11 | First vendor Publication | 2009-07-12 |
Vendor | Gentoo | Last vendor Modification | 2009-07-12 |
Severity (Vendor) | Normal | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis Multiple vulnerabilities in multiple GStreamer plug-ins might allow for the execution of arbitrary code. Background Description * Tobias Klein reported two heap-based buffer overflows and an array index error in the qtdemux_parse_samples() function in gst-plugins-good when processing a QuickTime media .mov file (CVE-2009-0386, CVE-2009-0387, CVE-2009-0397). * Thomas Hoger of the Red Hat Security Response Team reported an integer overflow that can lead to a heap-based buffer overflow in the gst_vorbis_tag_add_coverart() function in gst-plugins-base when processing COVERART tags (CVE-2009-0586). * Tielei Wang of ICST-ERCIS, Peking University reported multiple integer overflows leading to buffer overflows in gst-plugins-libpng when processing a PNG file (CVE-2009-1932). Impact Workaround Resolution All gst-plugins-base users should upgrade to the latest version: All gst-plugins-libpng users should upgrade to the latest version: References Availability http://security.gentoo.org/glsa/glsa-200907-11.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-200907-11.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
60 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
20 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
20 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10306 | |||
Oval ID: | oval:org.mitre.oval:def:10306 | ||
Title: | Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 might allow remote attackers to execute arbitrary code via crafted Composition Time To Sample (ctts) atom data in a malformed QuickTime media .mov file. | ||
Description: | Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 might allow remote attackers to execute arbitrary code via crafted Composition Time To Sample (ctts) atom data in a malformed QuickTime media .mov file. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0386 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10611 | |||
Oval ID: | oval:org.mitre.oval:def:10611 | ||
Title: | Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted Sync Sample (aka stss) atom data in a malformed QuickTime media .mov file, related to "mark keyframes." | ||
Description: | Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted Sync Sample (aka stss) atom data in a malformed QuickTime media .mov file, related to "mark keyframes." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0387 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10798 | |||
Oval ID: | oval:org.mitre.oval:def:10798 | ||
Title: | Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow. | ||
Description: | Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1932 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13454 | |||
Oval ID: | oval:org.mitre.oval:def:13454 | ||
Title: | USN-789-1 -- gst-plugins-good0.10 vulnerability | ||
Description: | Tielei Wang discovered that GStreamer Good Plugins did not correctly handle malformed PNG image files. If a user were tricked into opening a crafted PNG image file with a GStreamer application, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-789-1 CVE-2009-1932 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 9.04 Ubuntu 6.06 Ubuntu 8.10 | Product(s): | gst-plugins-good0.10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13458 | |||
Oval ID: | oval:org.mitre.oval:def:13458 | ||
Title: | USN-735-1 -- gst-plugins-base0.10 vulnerability | ||
Description: | It was discovered that the Base64 decoding functions in GStreamer Base Plugins did not properly handle large images in Vorbis file tags. If a user were tricked into opening a specially crafted Vorbis file, an attacker could possibly execute arbitrary code with user privileges. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-735-1 CVE-2009-0586 | Version: | 5 |
Platform(s): | Ubuntu 8.10 | Product(s): | gst-plugins-base0.10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13674 | |||
Oval ID: | oval:org.mitre.oval:def:13674 | ||
Title: | DSA-1729-1 gst-plugins-bad0.10 -- several vulnerabilities | ||
Description: | Several vulnerabilities have been found in gst-plugins-bad0.10, a collection of various GStreamer plugins. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0386 Tobias Klein discovered a buffer overflow in the quicktime stream demuxer, which could potentially lead to the execution of arbitrary code via crafted .mov files. CVE-2009-0387 Tobias Klein discovered an array index error in the quicktime stream demuxer, which could potentially lead to the execution of arbitrary code via crafted .mov files. CVE-2009-0397 Tobias Klein discovered a buffer overflow in the quicktime stream demuxer similar to the issue reported in CVE-2009-0386, which could also lead to the execution of arbitrary code via crafted .mov files. For the stable distribution, these problems have been fixed in version 0.10.8-4.1~lenny1 of gst-plugins-good0.10, since the affected plugin has been moved there. The fix was already included in the lenny release. For the oldstable distribution, these problems have been fixed in version 0.10.3-3.1+etch1. For the unstable distribution and the testing distribution, these problems have been fixed in version 0.10.8-4.1 of gst-plugins-good0.10. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1729-1 CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | gst-plugins-bad0.10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13731 | |||
Oval ID: | oval:org.mitre.oval:def:13731 | ||
Title: | DSA-1839-1 gst-plugins-good0.10 -- integer overflow | ||
Description: | It has been discovered that gst-plugins-good0.10, the GStreamer plugins from the "good" set, are prone to an integer overflow, when processing a large PNG file. This could lead to the execution of arbitrary code. For the stable distribution, this problem has been fixed in version 0.10.8-4.1~lenny2. For the oldstable distribution, this problem has been fixed in version 0.10.4-4+etch1. Packages for the s390 and hppa architectures will be released once they are available. For the testing distribution and the unstable distribution, this problem has been fixed in version 0.10.15-2. We recommend that you upgrade your gst-plugins-good0.10 packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1839-1 CVE-2009-1932 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | gst-plugins-good0.10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13822 | |||
Oval ID: | oval:org.mitre.oval:def:13822 | ||
Title: | USN-736-1 -- gst-plugins-good0.10 vulnerabilities | ||
Description: | It was discovered that GStreamer Good Plugins did not correctly handle malformed Composition Time To Sample atom data in Quicktime movie files. If a user were tricked into opening a crafted mov file, an attacker could execute arbitrary code with the privileges of the user invoking the program. It was discovered that GStreamer Good Plugins did not correctly handle malformed Sync Sample atom data in Quicktime movie files. If a user were tricked into opening a crafted mov file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that GStreamer Good Plugins did not correctly handle malformed Time-to-sample atom data in Quicktime movie files. If a user were tricked into opening a crafted mov file, an attacker could execute arbitrary code with the privileges of the user invoking the program | ||
Family: | unix | Class: | patch |
Reference(s): | USN-736-1 CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 | Version: | 5 |
Platform(s): | Ubuntu 7.10 Ubuntu 8.10 Ubuntu 8.04 | Product(s): | gst-plugins-good0.10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21801 | |||
Oval ID: | oval:org.mitre.oval:def:21801 | ||
Title: | ELSA-2009:0352: gstreamer-plugins-base security update (Moderate) | ||
Description: | Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) before 0.10.23 in GStreamer allows context-dependent attackers to execute arbitrary code via a crafted COVERART tag that is converted from a base64 representation, which triggers a heap-based buffer overflow. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:0352-01 CVE-2009-0586 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | gstreamer-plugins-base |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21937 | |||
Oval ID: | oval:org.mitre.oval:def:21937 | ||
Title: | ELSA-2009:1123: gstreamer-plugins-good security update (Moderate) | ||
Description: | Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1123-01 CVE-2009-1932 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | gstreamer-plugins-good |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22005 | |||
Oval ID: | oval:org.mitre.oval:def:22005 | ||
Title: | ELSA-2009:0271: gstreamer-plugins-good security update (Important) | ||
Description: | Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:0271-02 CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 | Version: | 17 |
Platform(s): | Oracle Linux 5 | Product(s): | gstreamer-plugins-good |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28896 | |||
Oval ID: | oval:org.mitre.oval:def:28896 | ||
Title: | RHSA-2009:0271 -- gstreamer-plugins-good security update (Important) | ||
Description: | Updated gstreamer-plugins-good packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. GStreamer is a streaming media framework, based on graphs of filters which operate on media data. GStreamer Good Plug-ins is a collection of well-supported, GStreamer plug-ins of good quality released under the LGPL license. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:0271 CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 | Product(s): | gstreamer-plugins-good |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29311 | |||
Oval ID: | oval:org.mitre.oval:def:29311 | ||
Title: | RHSA-2009:1123 -- gstreamer-plugins-good security update (Moderate) | ||
Description: | Updated gstreamer-plugins-good packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GStreamer is a streaming media framework, based on graphs of filters which operate on media data. GStreamer Good Plug-ins is a collection of well-supported, good quality GStreamer plug-ins. Multiple integer overflow flaws, that could lead to a buffer overflow, were found in the GStreamer Good Plug-ins PNG decoding handler. An attacker could create a specially-crafted PNG file that would cause an application using the GStreamer Good Plug-ins library to crash or, potentially, execute arbitrary code as the user running the application when parsed. (CVE-2009-1932) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:1123 CESA-2009:1123-CentOS 5 CVE-2009-1932 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | gstreamer-plugins-good |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:29319 | |||
Oval ID: | oval:org.mitre.oval:def:29319 | ||
Title: | RHSA-2009:0352 -- gstreamer-plugins-base security update (Moderate) | ||
Description: | Updated gstreamer-plugins-base packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GStreamer is a streaming media framework based on graphs of filters which operate on media data. GStreamer Base Plug-ins is a collection of well-maintained base plug-ins. An integer overflow flaw which caused a heap-based buffer overflow was discovered in the Vorbis comment tags reader. An attacker could create a carefully-crafted Vorbis file that would cause an application using GStreamer to crash or, potentially, execute arbitrary code if opened by a victim. (CVE-2009-0586) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:0352 CESA-2009:0352-CentOS 5 CVE-2009-0586 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | gstreamer-plugins-base |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7454 | |||
Oval ID: | oval:org.mitre.oval:def:7454 | ||
Title: | DSA-1839 gst-plugins-good0.10 -- integer overflow | ||
Description: | It has been discovered that gst-plugins-good0.10, the GStreamer plugins from the "good" set, are prone to an integer overflow, when processing a large PNG file. This could lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1839 CVE-2009-1932 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | gst-plugins-good0.10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8176 | |||
Oval ID: | oval:org.mitre.oval:def:8176 | ||
Title: | DSA-1729 gst-plugins-bad0.10 -- several vulnerabilities | ||
Description: | Several vulnerabilities have been found in gst-plugins-bad0.10, a collection of various GStreamer plugins. The Common Vulnerabilities and Exposures project identifies the following problems: Tobias Klein discovered a buffer overflow in the quicktime stream demuxer (qtdemux), which could potentially lead to the execution of arbitrary code via crafted .mov files. Tobias Klein discovered an array index error in the quicktime stream demuxer (qtdemux), which could potentially lead to the execution of arbitrary code via crafted .mov files. Tobias Klein discovered a buffer overflow in the quicktime stream demuxer (qtdemux) similar to the issue reported in CVE-2009-0386, which could also lead to the execution of arbitrary code via crafted .mov files. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1729 CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | gst-plugins-bad0.10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9694 | |||
Oval ID: | oval:org.mitre.oval:def:9694 | ||
Title: | Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) before 0.10.23 in GStreamer allows context-dependent attackers to execute arbitrary code via a crafted COVERART tag that is converted from a base64 representation, which triggers a heap-based buffer overflow. | ||
Description: | Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) before 0.10.23 in GStreamer allows context-dependent attackers to execute arbitrary code via a crafted COVERART tag that is converted from a base64 representation, which triggers a heap-based buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0586 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9942 | |||
Oval ID: | oval:org.mitre.oval:def:9942 | ||
Title: | Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file. | ||
Description: | Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0397 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for gstreamer-plugins-good CESA-2009:1123 centos5 i386 File : nvt/gb_CESA-2009_1123_gstreamer-plugins-good_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for gstreamer-plugins-base CESA-2009:0352 centos5 i386 File : nvt/gb_CESA-2009_0352_gstreamer-plugins-base_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for gstreamer-plugins CESA-2009:0270 centos4 i386 File : nvt/gb_CESA-2009_0270_gstreamer-plugins_centos4_i386.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:130-1 (gstreamer0.10-plugins-good) File : nvt/mdksa_2009_130_1.nasl |
2009-10-13 | Name : SLES10: Security update for gstreamer File : nvt/sles10_gstreamer010-pl.nasl |
2009-10-11 | Name : SLES11: Security update for gstreamer File : nvt/sles11_gstreamer-0_10-0.nasl |
2009-10-11 | Name : SLES11: Security update for gstreamer File : nvt/sles11_gstreamer-0_10-.nasl |
2009-07-29 | Name : Debian Security Advisory DSA 1839-1 (gst-plugins-good0.10) File : nvt/deb_1839_1.nasl |
2009-07-29 | Name : Gentoo Security Advisory GLSA 200907-11 (gst-plugins-good gst-plugins-base gs... File : nvt/glsa_200907_11.nasl |
2009-06-30 | Name : RedHat Security Advisory RHSA-2009:1123 File : nvt/RHSA_2009_1123.nasl |
2009-06-30 | Name : CentOS Security Advisory CESA-2009:1123 (gstreamer-plugins-good) File : nvt/ovcesa2009_1123.nasl |
2009-06-30 | Name : Ubuntu USN-789-1 (gst-plugins-good0.10) File : nvt/ubuntu_789_1.nasl |
2009-06-09 | Name : Mandrake Security Advisory MDVSA-2009:130 (gstreamer0.10-plugins-good) File : nvt/mdksa_2009_130.nasl |
2009-04-28 | Name : SuSE Security Summary SUSE-SR:2009:009 File : nvt/suse_sr_2009_009.nasl |
2009-04-15 | Name : RedHat Security Advisory RHSA-2009:0352 File : nvt/RHSA_2009_0352.nasl |
2009-04-15 | Name : CentOS Security Advisory CESA-2009:0352 (gstreamer-plugins-base) File : nvt/ovcesa2009_0352.nasl |
2009-04-06 | Name : Mandrake Security Advisory MDVSA-2009:085 (gstreamer0.10-plugins-base) File : nvt/mdksa_2009_085.nasl |
2009-03-20 | Name : FreeBSD Ports: gstreamer-plugins-good File : nvt/freebsd_gstreamer-plugins-good.nasl |
2009-03-20 | Name : Ubuntu USN-735-1 (gst-plugins-base0.10) File : nvt/ubuntu_735_1.nasl |
2009-03-20 | Name : Ubuntu USN-736-1 (gst-plugins-good0.10) File : nvt/ubuntu_736_1.nasl |
2009-03-07 | Name : Debian Security Advisory DSA 1729-1 (gst-plugins-bad0.10) File : nvt/deb_1729_1.nasl |
2009-03-02 | Name : Fedora Core 9 FEDORA-2009-1343 (gstreamer-plugins-good) File : nvt/fcore_2009_1343.nasl |
2009-03-02 | Name : Fedora Core 10 FEDORA-2009-1213 (gstreamer-plugins-good) File : nvt/fcore_2009_1213.nasl |
2009-03-02 | Name : SuSE Security Summary SUSE-SR:2009:005 File : nvt/suse_sr_2009_005.nasl |
2009-02-13 | Name : Mandrake Security Advisory MDVSA-2009:035 (gstreamer0.10-plugins-good) File : nvt/mdksa_2009_035.nasl |
2009-02-10 | Name : CentOS Security Advisory CESA-2009:0270 (gstreamer-plugins) File : nvt/ovcesa2009_0270.nasl |
2009-02-10 | Name : RedHat Security Advisory RHSA-2009:0270 File : nvt/RHSA_2009_0270.nasl |
2009-02-10 | Name : RedHat Security Advisory RHSA-2009:0271 File : nvt/RHSA_2009_0271.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
54827 | GStreamer Good Plug-ins ext/libpng/gstpngdec.c PNG File Handling Overflow |
53550 | GStreamer Good Plug-ins gst/qtdemux/qtdemux.c qtdemux_parse_samples Function ... |
52775 | GStreamer Base Plugins gst-libs/gst/tag/gstvorbistag.c gst_vorbis_tag_add_cov... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1123.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0352.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0271.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0270.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090406_gstreamer_plugins_base_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090206_gstreamer_plugins_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090206_gstreamer_plugins_good_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090625_gstreamer_plugins_good_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1839.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0352.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_gstreamer-0_10-plugins-good-091218.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1123.nasl - Type : ACT_GATHER_INFO |
2009-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_gstreamer010-plugins-good-6295.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_gstreamer-0_10-plugins-base-090406.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_gstreamer-0_10-plugins-good-090609.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_gstreamer010-plugins-good-6293.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_gstreamer-0_10-plugins-good-090609.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_gstreamer-0_10-plugins-good-090218.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_gstreamer-0_10-plugins-base-090406.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_gstreamer-0_10-plugins-good-090609.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_gstreamer-0_10-plugins-good-090218.nasl - Type : ACT_GATHER_INFO |
2009-07-13 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200907-11.nasl - Type : ACT_GATHER_INFO |
2009-06-26 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1123.nasl - Type : ACT_GATHER_INFO |
2009-06-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-789-1.nasl - Type : ACT_GATHER_INFO |
2009-06-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-130.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-085.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-035.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-1213.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-735-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-736-1.nasl - Type : ACT_GATHER_INFO |
2009-04-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0352.nasl - Type : ACT_GATHER_INFO |
2009-03-17 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_37a365ed126911dea9640030843d3802.nasl - Type : ACT_GATHER_INFO |
2009-03-03 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1729.nasl - Type : ACT_GATHER_INFO |
2009-02-26 | Name : The remote openSUSE host is missing a security update. File : suse_gstreamer010-plugins-good-6008.nasl - Type : ACT_GATHER_INFO |
2009-02-25 | Name : The remote Fedora host is missing a security update. File : fedora_2009-1343.nasl - Type : ACT_GATHER_INFO |
2009-02-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0271.nasl - Type : ACT_GATHER_INFO |
2009-02-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0270.nasl - Type : ACT_GATHER_INFO |
2009-02-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0270.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:36:37 |
|