Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2009-0387
Modified
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-02 Feb, 2009 | 19:30
Updated At-23 Apr, 2026 | 00:35

Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted Sync Sample (aka stss) atom data in a malformed QuickTime media .mov file, related to "mark keyframes."

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.09.3HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 9.3
Base severity: HIGH
Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CPE Matches
gstreamer
gstreamer
>>good_plug-ins>>0.10.9
cpe:2.3:a:gstreamer:good_plug-ins:0.10.9:*:*:*:*:*:*:*
gstreamer
gstreamer
>>good_plug-ins>>0.10.10
cpe:2.3:a:gstreamer:good_plug-ins:0.10.10:*:*:*:*:*:*:*
gstreamer
gstreamer
>>good_plug-ins>>0.10.11
cpe:2.3:a:gstreamer:good_plug-ins:0.10.11:*:*:*:*:*:*:*
gstreamer
gstreamer
>>plug-ins>>0.8.5
cpe:2.3:a:gstreamer:plug-ins:0.8.5:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=bdc20b9baf13564d9a061343416395f8f9a92b53cve@mitre.org
N/A
http://gstreamer.freedesktop.org/releases/gst-plugins-good/0.10.12.htmlcve@mitre.org
Patch
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.htmlcve@mitre.org
N/A
http://secunia.com/advisories/33650cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/33815cve@mitre.org
N/A
http://secunia.com/advisories/34336cve@mitre.org
N/A
http://secunia.com/advisories/35777cve@mitre.org
N/A
http://security.gentoo.org/glsa/glsa-200907-11.xmlcve@mitre.org
N/A
http://trapkit.de/advisories/TKADV2009-003.txtcve@mitre.org
Exploit
http://www.mandriva.com/security/advisories?name=MDVSA-2009:035cve@mitre.org
N/A
http://www.openwall.com/lists/oss-security/2009/01/29/3cve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2009-0271.htmlcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/500317/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/33405cve@mitre.org
N/A
http://www.ubuntu.com/usn/USN-736-1cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2009/0225cve@mitre.org
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=481267cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10611cve@mitre.org
N/A
http://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=bdc20b9baf13564d9a061343416395f8f9a92b53af854a3a-2127-422b-91ae-364da2661108
N/A
http://gstreamer.freedesktop.org/releases/gst-plugins-good/0.10.12.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/33650af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/33815af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/34336af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/35777af854a3a-2127-422b-91ae-364da2661108
N/A
http://security.gentoo.org/glsa/glsa-200907-11.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://trapkit.de/advisories/TKADV2009-003.txtaf854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.mandriva.com/security/advisories?name=MDVSA-2009:035af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.openwall.com/lists/oss-security/2009/01/29/3af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2009-0271.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/500317/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/33405af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-736-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2009/0225af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=481267af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10611af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=bdc20b9baf13564d9a061343416395f8f9a92b53
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://gstreamer.freedesktop.org/releases/gst-plugins-good/0.10.12.html
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/33650
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/33815
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/34336
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/35777
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-200907-11.xml
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://trapkit.de/advisories/TKADV2009-003.txt
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2009:035
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2009/01/29/3
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2009-0271.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/500317/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/33405
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-736-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2009/0225
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=481267
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10611
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=bdc20b9baf13564d9a061343416395f8f9a92b53
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://gstreamer.freedesktop.org/releases/gst-plugins-good/0.10.12.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/33650
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/33815
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/34336
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/35777
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-200907-11.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://trapkit.de/advisories/TKADV2009-003.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2009:035
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2009/01/29/3
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2009-0271.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/500317/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/33405
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-736-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2009/0225
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=481267
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10611
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Change History
0Changes found
Details not found