Peaches Posted January 27, 2009 Report Share Posted January 27, 2009 Multiple heap overflows in plug-in for GStreamer media framework Jan 26, 2009 Modified QuickTime files can be used to provoke several heap overflows in the GStreamer Good Plug-in. Free Media players such as Totem and Amarok use the GStreamer framework for playing audio and video files. For a successful attack the victim must download a modified file and open it on an affected version. The vulnerability has been fixed in version 0.10.12 and version 0.10.13 , which is also free of this bug, has already been released to fix an error that was not security related. The new versions are available for Linux distributions, however the Windows binaries are still on version 0.10.5. New versions are available to download from the GStreamer website. See also: GStreamer Heap Overflow and Array Index out of Bounds Vulnerabilities, a report from Tobias Klein Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.