PT-2023-5553 · Gstreamer+10 · Gstreamer+10
Michael Randrianantenaina
·
Publicado
2022-09-20
·
Atualizado
2026-04-23
·
CVE-2023-40474
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
GStreamer (affected versions not specified)
Description
This issue allows remote attackers to execute arbitrary code on affected installations of GStreamer. The specific flaw exists within the parsing of MXF video files, resulting from the lack of proper validation of user-supplied data, which can lead to an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Integer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Alt Linux
Almalinux
Astra Linux
Centos
Gstreamer
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu