CVE-2009-0398 – gstreamer-plugins: Array index error while parsing malformed QuickTime media files

https://notcve.org/view.php?id=CVE-2009-0398

Array index error in the gst_qtp_trak_handler function in gst/qtdemux/qtdemux.c in GStreamer Plug-ins (aka gstreamer-plugins) 0.6.0 allows remote attackers to have an unknown impact via a crafted QuickTime media file. Error de indice de selección en la función gst_qtp_trak_handler en gst/qtdemux/qtdemux.c en GStreamer Plug-ins (conocido como gstreamer-plugins) v0.6.0 permite a atacantes remotos provocar un impacto desconocido mediante un fichero multimedia de QuickTime manipulado. • http://secunia.com/advisories/33830 http://www.openwall.com/lists/oss-security/2009/01/29/3 http://www.redhat.com/support/errata/RHSA-2009-0269.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9886 https://access.redhat.com/security/cve/CVE-2009-0398 https://bugzilla.redhat.com/show_bug.cgi?id=483740 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •