VYPR
Unrated severityNVD Advisory· Published Feb 2, 2009· Updated Jun 16, 2026

CVE-2009-0387

CVE-2009-0387

Description

Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted Sync Sample (aka stss) atom data in a malformed QuickTime media .mov file, related to "mark keyframes."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • cpe:2.3:a:gstreamer:good_plug-ins:0.10.10:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:gstreamer:good_plug-ins:0.10.10:*:*:*:*:*:*:*
    • cpe:2.3:a:gstreamer:good_plug-ins:0.10.11:*:*:*:*:*:*:*
    • cpe:2.3:a:gstreamer:good_plug-ins:0.10.9:*:*:*:*:*:*:*
    • (no CPE)range: 0.10.9 - 0.10.11
  • cpe:2.3:a:gstreamer:plug-ins:0.8.5:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

18

News mentions

0

No linked articles in our index yet.