oval:org.mitre.oval:def:13674

Definition Id: oval:org.mitre.oval:def:13674
 
Oval ID: oval:org.mitre.oval:def:13674
Title: DSA-1729-1 gst-plugins-bad0.10 -- several vulnerabilities
Description: Several vulnerabilities have been found in gst-plugins-bad0.10, a collection of various GStreamer plugins. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0386 Tobias Klein discovered a buffer overflow in the quicktime stream demuxer, which could potentially lead to the execution of arbitrary code via crafted .mov files. CVE-2009-0387 Tobias Klein discovered an array index error in the quicktime stream demuxer, which could potentially lead to the execution of arbitrary code via crafted .mov files. CVE-2009-0397 Tobias Klein discovered a buffer overflow in the quicktime stream demuxer similar to the issue reported in CVE-2009-0386, which could also lead to the execution of arbitrary code via crafted .mov files. For the stable distribution, these problems have been fixed in version 0.10.8-4.1~lenny1 of gst-plugins-good0.10, since the affected plugin has been moved there. The fix was already included in the lenny release. For the oldstable distribution, these problems have been fixed in version 0.10.3-3.1+etch1. For the unstable distribution and the testing distribution, these problems have been fixed in version 0.10.8-4.1 of gst-plugins-good0.10.
Family: unix Class: patch
Reference(s): DSA-1729-1
CVE-2009-0386
CVE-2009-0387
CVE-2009-0397
 Version: 5
Platform(s): Debian GNU/Linux 4.0
 Product(s): gst-plugins-bad0.10
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6461
 
Oval ID: oval:org.mitre.oval:def:6461
Title: Debian GNU/Linux 4.0 is installed.
Description: Debian GNU/Linux 4.0 (etch) is installed
Family: unix Class: inventory
Reference(s): cpe:/o:debian:debian_gnu/linux:4.0
 Version: 9
Platform(s): Debian GNU/Linux 4.0
 Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:13674