Oval Definition:oval:org.opensuse.security:def:20091438
Revision Date:2015-11-16Version:1
Title:CVE-2009-1438
Description:
Integer overflow in the CSoundFile::ReadMed function (src/load_med.cpp) in libmodplug before 0.8.6, as used in gstreamer-plugins, TTPlayer, and other products, allows context-dependent attackers to execute arbitrary code via a MED file with a crafted (1) song comment or (2) song name, which triggers a heap-based buffer overflow, as exploited in the wild in August 2008.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2009-1438
Platform(s):Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
openSUSE 10.3
openSUSE 11.0
openSUSE 11.1
Product(s):
Definition Synopsis
  • Release Information
  • sles9-nld is installed
  • AND
  • gstreamer-plugins-default less than 0.8.1-8.10
  • OR gstreamer-plugins-devel less than 0.8.1-8.10
  • OR gstreamer-plugins-excess less than 0.8.1-8.10
  • OR gstreamer-plugins-extra less than 0.8.1-8.10
  • OR gstreamer-plugins less than 0.8.1-8.10
  • OR Package Information
  • suse110 is installed
  • gstreamer-0_10-plugins-bad-devel less than 0.10.6-36.2
  • OR gstreamer-0_10-plugins-bad-doc less than 0.10.6-36.2
  • OR gstreamer-0_10-plugins-bad-lang less than 0.10.6-36.2
  • OR gstreamer-0_10-plugins-bad less than 0.10.6-36.2
  • OR libgstapp-0_10-0 less than 0.10.6-36.2
  • OR
  • suse111 is installed
  • gstreamer-0_10-plugins-bad-devel less than 0.10.8-6.6.1
  • OR gstreamer-0_10-plugins-bad-doc less than 0.10.8-6.6.1
  • OR gstreamer-0_10-plugins-bad-lang less than 0.10.8-6.6.1
  • OR gstreamer-0_10-plugins-bad less than 0.10.8-6.6.1
  • OR libgstapp-0_10-0 less than 0.10.8-6.6.1
    • BACK