CVE-2009-1932
Description
Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow.
Risk Information
Base Score
8.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
8.313
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| (RHSA-2009:1123) Moderate: gstreamer-plugins-good security update gstreamer-plugins-good-0.10.9-1.el5_3.2.i386.rpm | Linux |
| (RHSA-2009:1123) Moderate: gstreamer-plugins-good security update gstreamer-plugins-good-0.10.9-1.el5_3.2.x86_64.rpm | Linux |
| (RHSA-2009:1123) Moderate: gstreamer-plugins-good security update gstreamer-plugins-good-devel-0.10.9-1.el5_3.2.i386.rpm | Linux |
| (RHSA-2009:1123) Moderate: gstreamer-plugins-good security update gstreamer-plugins-good-devel-0.10.9-1.el5_3.2.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234