A heap-based buffer overflow was found in the way gstreamer parses video files in the H.264 format. An attacker could create a malicious H.264 media file, which when parsed via gstreamer, could cause gstreamer to crash or, potentially, execute arbitrary code when opened. Acknowledgements: Red Hat would like to thank Ralph Giles from the Mozilla project for reporting this issue.
Public via: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784220
Created gstreamer-plugins-bad-free tracking bugs for this issue: Affects: fedora-all [bug 1218249]
The most important attack vector for this issue is remote exploitation via malicious web content as rendered by firefox. However this issue was addressed in firefox as shipped with Red Hat Enterprise Linux via the following advisory: https://rhn.redhat.com/errata/RHSA-2015-0988.html This issue is addressed in Firefox by blacklisting the affected plugin.
Statement: This issue does not affect the version of gstreamer-plugins-bad package as shipped with Red Hat Enterprise Linux 6. This issue affects the version of gstreamer-plugins-bad package as shipped with Red Hat Enterprise Linux 7. Red Hat Product Security has rated this issue as having Moderate security impact, a future update may address this flaw.