VYPR
Unrated severityNVD Advisory· Published Feb 2, 2009· Updated Jun 16, 2026

CVE-2009-0386

CVE-2009-0386

Description

Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 might allow remote attackers to execute arbitrary code via crafted Composition Time To Sample (ctts) atom data in a malformed QuickTime media .mov file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • cpe:2.3:a:gstreamer:good_plug-ins:0.10.10:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:gstreamer:good_plug-ins:0.10.10:*:*:*:*:*:*:*
    • cpe:2.3:a:gstreamer:good_plug-ins:0.10.11:*:*:*:*:*:*:*
    • cpe:2.3:a:gstreamer:good_plug-ins:0.10.9:*:*:*:*:*:*:*
    • (no CPE)range: 0.10.9 - 0.10.11

Patches

Vulnerability mechanics

References

18

News mentions

0

No linked articles in our index yet.