Common Vulnerabilities and Exposures assigned an identifier CVE-2009-0386 to
the following vulnerability:
Heap-based buffer overflow in the qtdemux_parse_samples function in
gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka
gst-plugins-good) 0.10.9 through 0.10.11 might allow remote attackers
to execute arbitrary code via crafted Composition Time To Sample
(ctts) atom data in a malformed QuickTime media .mov file.
gstreamer-plugins-good-0.10.8-10.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
gstreamer-plugins-good-0.10.13-1.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
This issue was addressed in:
Red Hat Enterprise Linux: