Pardus: Gst-plugins-good: Multiple Integer - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Security Week: September 6th, 2010

Linux Advisory Watch: September 3rd, 2010

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Pardus: Gst-plugins-good: Multiple Integer

User Rating:

How can I rate this item?

Posted by Benjamin D. Thomas

can be exploited by malicious people to potentially compromise an application using the library.


--==============15803619=Content-Type: multipart/alternative; boundary504502b194b15ea9046d1774e3

--00504502b194b15ea9046d1774e3
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

------------------------------------------------------------------------
Pardus Linux Security Advisory 2009-91            security@pardus.org.tr
------------------------------------------------------------------------

      Date: 2009-06-24
  Severity: 3
      Type: Remote
------------------------------------------------------------------------

Summary
======
A vulnerability has been discovered in GStreamer Good  Plug-ins,  which

can be exploited by  malicious  people  to  potentially  compromise  an
application using the library.


Description
==========
The vulnerability is  caused  due  to  an  integer  overflow  error  in

ext/libpng/gstpngdec.c, which can be exploited to  cause  a  heap-based
buffer overflow via a specially crafted PNG file.



Successful exploitation may allow execution of arbitrary code.




Affected packages:

  Pardus 2008:
    gst-plugins-good, all before 0.10.11-16-9


Resolution
=========
There are update(s) for  gst-plugins-good.  You  can  update  them  via
Package Manager or with a single command from console:

    pisi up gst-plugins-good

References
=========
  * http://bugs.pardus.org.tr/show_bug.cgi?id™86
  * http://cgit.freedesktop.org/gstreamer...44bcc44adcef769cbdf7f6453e140058a3adc

  * http://secunia.com/advisories/35205

< Prev		Next >

Partner:

Latest Features

Review: The Official Ubuntu Book

Review: Zabbix 1.8 Network Monitoring

Meet the Anti-Nmap: PSAD

Understand: Fork Bombing Attack

Review: Hacking: The Art of Exploitation, Second Edition

Master's Student: Social Engineering is not just a definition!

Review: Ubuntu Unleased 2010 Edition: Covering 9.10 and 10.4

Yesterday's Edition

Firefox 3.6 gains anti-clickjacking support, Thunderbird & SeaMonkey updated

Quantum Cryptography Breached With Lasers

String Of Deals Shows Demand for Cloud-Based Authentication

Why hackers hack

Partner Sponsor