Out-of-bounds Heap Read Vulnerability in GStreamer qtdemux_parse_samples Function

Out-of-bounds Heap Read Vulnerability in GStreamer qtdemux_parse_samples Function

CVE-2017-5840 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The qtdemux_parse_samples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds heap read) via vectors involving the current stts index.

Learn more about our Web Application Penetration Testing UK.