CVE-2024-47774 | GStreamer up to 1.24.9 gstavisubtitle.c gst_avi_subtitle_parse_gab2_chunk name_length out-of-bounds (GHSL-2024-262)

Inserito da Angelo Barbosa | Dic 11, 2024 | CVE

A vulnerability was found in GStreamer up to 1.24.9. It has been rated as problematic. This issue affects the function gst_avi_subtitle_parse_gab2_chunk of the file gstavisubtitle.c. The manipulation of the argument name_length leads to out-of-bounds read.

The identification of this vulnerability is CVE-2024-47774. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-47774 | GStreamer up to 1.24.9 gstavisubtitle.c gst_avi_subtitle_parse_gab2_chunk name_length out-of-bounds (GHSL-2024-262)

Post correlati

CVE-2024-9566 | D-Link DIR-619L B1 2.06 /goform/formDeviceReboot next_page buffer overflow

CVE-2024-11304 | SEH Computertechnik utnserver Pro/utnserver ProMAX/INU-100 up to 20.1.22 cross site scripting

CVE-2024-40636 | SteeltoeOSS up to 3.2.7 Eureka Service DiscoveryClient.cs ToMaskedString log file

CVE-2024-22042 | Siemens Unicam FX API conhost.exe incorrect privileged apis (ssa-543502)