exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

CVE-2023-37328

Status Candidate

Overview

GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of PGS subtitle files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20994.

Related Files

Red Hat Security Advisory 2024-3088-03
Posted May 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3088-03 - An update for gstreamer1-plugins-base is now available for Red Hat Enterprise Linux 8.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-37328
SHA-256 | b24d836c4bf1860d015a23bdf4a2236ac462adf0b89b5fee567c825ccf7b6921
Download | Favorite | View
Red Hat Security Advisory 2024-2302-03
Posted Apr 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2302-03 - An update for gstreamer1-plugins-base is now available for Red Hat Enterprise Linux 9.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-37328
SHA-256 | f25f31af93fdb7914a79acecaed7d2e76f1539992d52839d17556a41d2afaf0b
Download | Favorite | View
Ubuntu Security Notice USN-6268-1
Posted Aug 3, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6268-1 - It was discovered that GStreamer Base Plugins incorrectly handled certain FLAC image tags. A remote attacker could use this issue to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that GStreamer Base Plugins incorrectly handled certain subtitles. A remote attacker could use this issue to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-37327, CVE-2023-37328
SHA-256 | 62d7331e15a92c02979c47ce4bc9712062b94c31671bf36ee4c3cfbfd44c64ff
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    19 Files
  • 23
    Jul 23rd
    17 Files
  • 24
    Jul 24th
    47 Files
  • 25
    Jul 25th
    31 Files
  • 26
    Jul 26th
    13 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    27 Files
  • 30
    Jul 30th
    49 Files
  • 31
    Jul 31st
    29 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close