Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:21959
HistoryJun 06, 2009 - 12:00 a.m.

[ MDVSA-2009:130 ] gstreamer0.10-plugins-good

2009-06-0600:00:00
vulners.com
11
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mandriva Linux Security Advisory MDVSA-2009:130
http://www.mandriva.com/security/

Package : gstreamer0.10-plugins-good
Date : June 5, 2009
Affected: 2008.1, 2009.0, 2009.1

Problem Description:

Multiple integer overflows in the (1) user_info_callback,
(2) user_endrow_callback, and (3) gst_pngdec_task functions
(ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka
gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote
attackers to cause a denial of service and possibly execute arbitrary
code via a crafted PNG file, which triggers a buffer overflow
(CVE-2009-1932).

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1932

Updated Packages:

Mandriva Linux 2008.1:
32b4c3a6282627f92f51a7d2d46ff77e 2008.1/i586/gstreamer0.10-aalib-0.10.7-3.3mdv2008.1.i586.rpm
c795af9934302427b9eff941f8202a21 2008.1/i586/gstreamer0.10-caca-0.10.7-3.3mdv2008.1.i586.rpm
2f6ee0c43cceb1b6a45c397230b2007d 2008.1/i586/gstreamer0.10-dv-0.10.7-3.3mdv2008.1.i586.rpm
66e9ffff70400e28a06b9acad18e9460 2008.1/i586/gstreamer0.10-esound-0.10.7-3.3mdv2008.1.i586.rpm
7f519c98463940c13d950f2c19bc91b3 2008.1/i586/gstreamer0.10-flac-0.10.7-3.3mdv2008.1.i586.rpm
88d2eec0febfa0fe536d43fcc0f06281
2008.1/i586/gstreamer0.10-plugins-good-0.10.7-3.3mdv2008.1.i586.rpm
e642a9932760431f65d6e2ec91aebe2f 2008.1/i586/gstreamer0.10-raw1394-0.10.7-3.3mdv2008.1.i586.rpm
16d3b8e3d5f5e79dbf975b7755d481d6 2008.1/i586/gstreamer0.10-speex-0.10.7-3.3mdv2008.1.i586.rpm
a35c2dacfc21179a7ce1ad2ddbde58b5
2008.1/i586/gstreamer0.10-wavpack-0.10.7-3.3mdv2008.1.i586.rpm
7f89efbf201445b95c6d1f8e48cdbcf5
2008.1/SRPMS/gstreamer0.10-plugins-good-0.10.7-3.3mdv2008.1.src.rpm

Mandriva Linux 2008.1/X86_64:
47251e20c751b5cac7c878577fd32cbb
2008.1/x86_64/gstreamer0.10-aalib-0.10.7-3.3mdv2008.1.x86_64.rpm
41ad7308ecfdd545d1eeb625f9be26f0
2008.1/x86_64/gstreamer0.10-caca-0.10.7-3.3mdv2008.1.x86_64.rpm
c38747918e25383cf266575007b70bbc 2008.1/x86_64/gstreamer0.10-dv-0.10.7-3.3mdv2008.1.x86_64.rpm
3b43f5f0c6d7472bdd2d3a230ec4a5aa
2008.1/x86_64/gstreamer0.10-esound-0.10.7-3.3mdv2008.1.x86_64.rpm
e5eb3c018bfaf8db6f98787f919e7213
2008.1/x86_64/gstreamer0.10-flac-0.10.7-3.3mdv2008.1.x86_64.rpm
faf028bd1201249fef3b051451ee0a67
2008.1/x86_64/gstreamer0.10-plugins-good-0.10.7-3.3mdv2008.1.x86_64.rpm
21dadd252d853fba7fc0c711c8afd00f
2008.1/x86_64/gstreamer0.10-raw1394-0.10.7-3.3mdv2008.1.x86_64.rpm
874657a9c5ae3d65a010c887462cf832
2008.1/x86_64/gstreamer0.10-speex-0.10.7-3.3mdv2008.1.x86_64.rpm
decd0fa087bdec088152dd61974d71b1
2008.1/x86_64/gstreamer0.10-wavpack-0.10.7-3.3mdv2008.1.x86_64.rpm
7f89efbf201445b95c6d1f8e48cdbcf5
2008.1/SRPMS/gstreamer0.10-plugins-good-0.10.7-3.3mdv2008.1.src.rpm

Mandriva Linux 2009.0:
de338a01c224c0b9231d8f0e3434d653 2009.0/i586/gstreamer0.10-aalib-0.10.10-2.2mdv2009.0.i586.rpm
a96a976b99688e00563e2e239f061576 2009.0/i586/gstreamer0.10-caca-0.10.10-2.2mdv2009.0.i586.rpm
3864fd359d74953b036a1bdf2a442bbe 2009.0/i586/gstreamer0.10-dv-0.10.10-2.2mdv2009.0.i586.rpm
9bc82a78ece0447e05a6538cc307b3cc 2009.0/i586/gstreamer0.10-esound-0.10.10-2.2mdv2009.0.i586.rpm
40de2ef276852777418f79f97de4015d 2009.0/i586/gstreamer0.10-flac-0.10.10-2.2mdv2009.0.i586.rpm
e1e9be54e2de0341f427542370453873
2009.0/i586/gstreamer0.10-plugins-good-0.10.10-2.2mdv2009.0.i586.rpm
5e81527fee1fbe434934160101bad731 2009.0/i586/gstreamer0.10-pulse-0.10.10-2.2mdv2009.0.i586.rpm
4bb8e5964cdf388f30125e1799c041d9
2009.0/i586/gstreamer0.10-raw1394-0.10.10-2.2mdv2009.0.i586.rpm
5e8ecd8f2cd60980a9d1777af765ccb2 2009.0/i586/gstreamer0.10-soup-0.10.10-2.2mdv2009.0.i586.rpm
92926886890bb3c129d1358699369e07 2009.0/i586/gstreamer0.10-speex-0.10.10-2.2mdv2009.0.i586.rpm
e0af5cebef95297da35dbe644d5bd07e
2009.0/i586/gstreamer0.10-wavpack-0.10.10-2.2mdv2009.0.i586.rpm
b52464a5db2a376c7ffe9b4ae0d73cba
2009.0/SRPMS/gstreamer0.10-plugins-good-0.10.10-2.2mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
b5caab29e29b756fefbb4c74e383ec00
2009.0/x86_64/gstreamer0.10-aalib-0.10.10-2.2mdv2009.0.x86_64.rpm
e1ee1041b7ac2c2a10b5f3fb25b1cdd3
2009.0/x86_64/gstreamer0.10-caca-0.10.10-2.2mdv2009.0.x86_64.rpm
aa5a02a2a2b1a83738360fe55df21df4 2009.0/x86_64/gstreamer0.10-dv-0.10.10-2.2mdv2009.0.x86_64.rpm
dead047079a5b1a9052dfbe61b6fe5a9
2009.0/x86_64/gstreamer0.10-esound-0.10.10-2.2mdv2009.0.x86_64.rpm
1675f35f059b1c99228ae1aa125cfaac
2009.0/x86_64/gstreamer0.10-flac-0.10.10-2.2mdv2009.0.x86_64.rpm
4584962d9870e9813b128ada5469defc
2009.0/x86_64/gstreamer0.10-plugins-good-0.10.10-2.2mdv2009.0.x86_64.rpm
bf54135323d93696ee68154df93ebbde
2009.0/x86_64/gstreamer0.10-pulse-0.10.10-2.2mdv2009.0.x86_64.rpm
231e93b49075748873a361e38848f43c
2009.0/x86_64/gstreamer0.10-raw1394-0.10.10-2.2mdv2009.0.x86_64.rpm
4a8863274976927a121bee25dd421523
2009.0/x86_64/gstreamer0.10-soup-0.10.10-2.2mdv2009.0.x86_64.rpm
35030eeae145d26f41d0efa2c46efcff
2009.0/x86_64/gstreamer0.10-speex-0.10.10-2.2mdv2009.0.x86_64.rpm
11ecdd00ae934f05702c771946611333
2009.0/x86_64/gstreamer0.10-wavpack-0.10.10-2.2mdv2009.0.x86_64.rpm
b52464a5db2a376c7ffe9b4ae0d73cba
2009.0/SRPMS/gstreamer0.10-plugins-good-0.10.10-2.2mdv2009.0.src.rpm

Mandriva Linux 2009.1:
576d67df2c10fd5ce98fafbcccf5d31f 2009.1/i586/gstreamer0.10-aalib-0.10.14-1.1mdv2009.1.i586.rpm
c1df9fa818ac12667db9bfd51a8801df 2009.1/i586/gstreamer0.10-caca-0.10.14-1.1mdv2009.1.i586.rpm
1b2cbe0c1bd991db15f8a4ff30720430 2009.1/i586/gstreamer0.10-dv-0.10.14-1.1mdv2009.1.i586.rpm
ae7c7483df3feb7ea984e32241bdba1f 2009.1/i586/gstreamer0.10-esound-0.10.14-1.1mdv2009.1.i586.rpm
d881a0c3b7943dcde1e1ce2b12f55980 2009.1/i586/gstreamer0.10-flac-0.10.14-1.1mdv2009.1.i586.rpm
48b03dd5ff1f72383af81056a157d4d4
2009.1/i586/gstreamer0.10-plugins-good-0.10.14-1.1mdv2009.1.i586.rpm
c72a5910e0c83f2e5b29db46f1a070d5 2009.1/i586/gstreamer0.10-pulse-0.10.14-1.1mdv2009.1.i586.rpm
2ec1d77cbee188562138681c274497d1
2009.1/i586/gstreamer0.10-raw1394-0.10.14-1.1mdv2009.1.i586.rpm
d167d2ce3cabc24af442ad53736a4ae4 2009.1/i586/gstreamer0.10-soup-0.10.14-1.1mdv2009.1.i586.rpm
7e533c55706311d1abb8c1cf81febad7 2009.1/i586/gstreamer0.10-speex-0.10.14-1.1mdv2009.1.i586.rpm
442b714ff0d64c572c3f63a2b71cf39d
2009.1/i586/gstreamer0.10-wavpack-0.10.14-1.1mdv2009.1.i586.rpm
0e0ec096f0960620be981e5d7b4bc216
2009.1/SRPMS/gstreamer0.10-plugins-good-0.10.14-1.1mdv2009.1.src.rpm

Mandriva Linux 2009.1/X86_64:
252223161131b2287b9e7432b5152c08
2009.1/x86_64/gstreamer0.10-aalib-0.10.14-1.1mdv2009.1.x86_64.rpm
a9fc8b915bf67dfc270c8ac403269a89
2009.1/x86_64/gstreamer0.10-caca-0.10.14-1.1mdv2009.1.x86_64.rpm
162a54cf36ce97f95aa06b36d3ea40df 2009.1/x86_64/gstreamer0.10-dv-0.10.14-1.1mdv2009.1.x86_64.rpm
88e60113882df2d775d458f88f035243
2009.1/x86_64/gstreamer0.10-esound-0.10.14-1.1mdv2009.1.x86_64.rpm
23263adc4119918c8e130866a02243fa
2009.1/x86_64/gstreamer0.10-flac-0.10.14-1.1mdv2009.1.x86_64.rpm
63a6e950690392c3d8a7da89eeb23b1c
2009.1/x86_64/gstreamer0.10-plugins-good-0.10.14-1.1mdv2009.1.x86_64.rpm
d900bf012fbac7b6ed4cd019b1dc41b3
2009.1/x86_64/gstreamer0.10-pulse-0.10.14-1.1mdv2009.1.x86_64.rpm
c9610f9bdab919fd6989bb00278fd83d
2009.1/x86_64/gstreamer0.10-raw1394-0.10.14-1.1mdv2009.1.x86_64.rpm
f8764ecd3d4ddb75ac4fb0fa6dae0ab9
2009.1/x86_64/gstreamer0.10-soup-0.10.14-1.1mdv2009.1.x86_64.rpm
9dd619ff1da567ebc0cddd82b085bd87
2009.1/x86_64/gstreamer0.10-speex-0.10.14-1.1mdv2009.1.x86_64.rpm
070d6303a673cb624866ab61f4dff728
2009.1/x86_64/gstreamer0.10-wavpack-0.10.14-1.1mdv2009.1.x86_64.rpm
0e0ec096f0960620be981e5d7b4bc216
2009.1/SRPMS/gstreamer0.10-plugins-good-0.10.14-1.1mdv2009.1.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKKVdrmqjQ0CJFipgRAvTdAJ9M4Mgl3lDDDlnwUwb5kR7dpOhp/QCgqQGH
IiI+kqUb/EO99yc0N9eKqwM=
=YXTZ
-----END PGP SIGNATURE-----

Related

openvas 20
nessus 14
debian 1
ubuntucve 1
cve 1
oraclelinux 1
ubuntu 1
centos 1
securityvulns 1
prion 1
veracode 1
redhat 1
gentoo 1
openvas
openvas
SLES11: Security update for gstreamer
2009-10-11 00:00:00
Mandriva Security Advisory MDVSA-2009:130-1 (gstreamer0.10-plugins-good)
2009-12-10 00:00:00
CentOS Security Advisory CESA-2009:1123 (gstreamer-plugins-good)
2009-06-30 00:00:00
nessus
nessus
CentOS 5 : gstreamer-plugins-good (CESA-2009:1123)
2010-01-06 00:00:00
Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : gst-plugins-good0.10 vulnerability (USN-789-1)
2009-06-23 00:00:00
openSUSE 10 Security Update : gstreamer010-plugins-good (gstreamer010-plugins-good-6295)
2009-10-06 00:00:00
debian
debian
[SECURITY] [DSA 1839-1] New gst-plugins-good0.10 packages fix arbitrary code execution
2009-07-19 07:06:36
ubuntucve
ubuntucve
CVE-2009-1932
2009-06-04 00:00:00
cve
cve
CVE-2009-1932
2009-06-04 20:30:00
oraclelinux
oraclelinux
gstreamer-plugins-good security update
2009-06-25 00:00:00
ubuntu
ubuntu
GStreamer Good Plugins vulnerability
2009-06-22 00:00:00
centos
centos
gstreamer security update
2009-06-26 14:01:18
securityvulns
securityvulns
GStreamer Good Plug-ins DoS
2009-06-06 00:00:00
prion
prion
Integer overflow
2009-06-04 20:30:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:39:18
redhat
redhat
(RHSA-2009:1123) Moderate: gstreamer-plugins-good security update
2009-06-25 00:00:00
gentoo
gentoo
GStreamer plug-ins: User-assisted execution of arbitrary code
2009-07-12 00:00:00
JSON
Related for SECURITYVULNS:DOC:21959
openvas20nessus14debian1ubuntucve1cve1oraclelinux1ubuntu1centos1securityvulns1prion1veracode1redhat1gentoo1