CVE-2009-1932

Publication date 4 June 2009

Last updated 24 July 2024

Ubuntu priority

Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
gst-plugins-good0.10	9.04 jaunty	Fixed 0.10.14-1ubuntu0.1
	8.10 intrepid	Fixed 0.10.10.4-1ubuntu1.2
	8.04 LTS hardy	Fixed 0.10.7-3ubuntu0.3
	6.06 LTS dapper	Fixed 0.10.3-0ubuntu4.2

How can I get the fixes?
What do statuses mean?
Patch details

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
gst-plugins-good0.10	Upstream: ?id=d95

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-789-1
GStreamer Good Plugins vulnerability
22 June 2009

Other references

http://secunia.com/advisories/35205/
https://www.cve.org/CVERecord?id=CVE-2009-1932