Showing 1 - 4 of 4

CVE-2023-40474

Status Candidate

Overview

GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MXF video files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21660.

Related Files

Gentoo Linux Security Advisory 202406-06: Posted Jul 1, 2024; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202406-6 - Multiple vulnerabilities have been discovered in GStreamer and GStreamer Plugins, the worst of which could lead to code execution. Versions greater than or equal to 1.22.11-r1 are affected.; tags | advisory, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2023-40474, CVE-2023-40475, CVE-2023-40476, CVE-2023-44429, CVE-2023-44446; SHA-256 | fec3a8343a74b9d1fe7699008262c7399508766a646b2c0ee811200f5afffa94; Download | Favorite | View

Red Hat Security Advisory 2024-3060-03: Posted May 23, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-3060-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8. Issues addressed include an integer overflow vulnerability.; tags | advisory, overflow; systems | linux, redhat; advisories | CVE-2023-40474; SHA-256 | a4ac11ee8ea350e08dd9d03c077ca1e7f6d3179cd4d2a9f50fb08552b108cf05; Download | Favorite | View

Red Hat Security Advisory 2024-2287-03: Posted Apr 30, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2287-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.; tags | advisory, overflow, vulnerability; systems | linux, redhat; advisories | CVE-2023-40474; SHA-256 | fab820c0fbdfa4d8d6e73e8f311ccdd5d57b1fc27fa3d174dca75ce8e75dec6e; Download | Favorite | View

Debian Security Advisory 5533-1: Posted Oct 25, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5533-1 - Multiple vulnerabilities were discovered in plugins for the GStreamer media framework and its codecs and demuxers, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened.; tags | advisory, denial of service, arbitrary, vulnerability; systems | linux, debian; advisories | CVE-2023-40474, CVE-2023-40475, CVE-2023-40476; SHA-256 | e81e72b3f33ad104bd4e5d6d63cad2f41395d2a21ad58de85a5bb5b09cd20348; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 270 files
indoushka 152 files
Jay Turla 150 files
Ubuntu 68 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Debian 27 files
Karn Ganeshen 23 files

File Archives

Systems

AIX (429)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,117)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (880)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,066)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,731)
Slackware (941)
Solaris (1,614)
SUSE (1,444)
Ubuntu (9,807)
UNIX (9,449)
UnixWare (187)
Windows (6,762)
Other

CVE-2023-40474

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems