USN-735-1 -- gst-plugins-base0.10 vulnerability
|ID: oval:org.secpod.oval:def:700408||Date: (C)2011-05-13 (M)2017-10-04|
|Class: PATCH||Family: unix|
It was discovered that the Base64 decoding functions in GStreamer Base Plugins did not properly handle large images in Vorbis file tags. If a user were tricked into opening a specially crafted Vorbis file, an attacker could possibly execute arbitrary code with user privileges.