RHSA-2009:0270: Important: gstreamer-plugins security update
First published: Fri Feb 06 2009(Updated: )
The gstreamer-plugins package contains plugins used by the GStreamer<br>streaming-media framework to support a wide variety of media types.<br>A heap buffer overflow was found in the GStreamer's QuickTime media file<br>format decoding plug-in. An attacker could create a carefully-crafted<br>QuickTime media .mov file that would cause an application using GStreamer<br>to crash or, potentially, execute arbitrary code if played by a victim.<br>(CVE-2009-0397)<br>All users of gstreamer-plugins are advised to upgrade to these updated<br>packages, which contain a backported patch to correct this issue. After<br>installing the update, all applications using GStreamer (such as rhythmbox)<br>must be restarted for the changes to take effect.
| Affected Software | Affected Version | How to fix |
|---|
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- agent/weakness
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2009:0270