CVE-2009-0387

EPSS 17.76% · P95 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-0387

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted Sync Sample (aka stss) atom data in a malformed QuickTime media .mov file, related to "mark keyframes."

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

GStreamer Good Plug-ins 程序qtdemux.c 数组索引越界漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

GStreamer是一套用于处理流媒体的框架。 GStreamer Good Plug-ins 程序qtdemux.c函数qtdemux_parse_samples 存在数组索引越界漏洞。远程攻击者可以通过构造存在QuickTime媒体文件.mov中的Sync Sample原子数据导致拒绝服务攻击和执行任意代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2009-0387

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2009-0387

请登录查看更多情报信息。

http://gstreamer.freedesktop.org/releases/gst-plugins-good/0.10.12.htmlx_refsource_CONFIRM
http://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=bdc20b9baf13564d9a061343416395f8f9a92b53x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=481267x_refsource_CONFIRM
http://trapkit.de/advisories/TKADV2009-003.txtx_refsource_MISC
http://secunia.com/advisories/34336third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/33650third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/35777third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/33815third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/33405vdb-entryx_refsource_BID
http://www.ubuntu.com/usn/USN-736-1vendor-advisoryx_refsource_UBUNTU
http://www.vupen.com/english/advisories/2009/0225vdb-entryx_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2009-0271.htmlvendor-advisoryx_refsource_REDHAT
http://security.gentoo.org/glsa/glsa-200907-11.xmlvendor-advisoryx_refsource_GENTOO
http://www.mandriva.com/security/advisories?name=MDVSA-2009:035vendor-advisoryx_refsource_MANDRIVA
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.htmlvendor-advisoryx_refsource_SUSE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10611vdb-entrysignaturex_refsource_OVAL
http://www.securityfocus.com/archive/1/500317/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://www.openwall.com/lists/oss-security/2009/01/29/3mailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2009-0387

Same Patch Batch · n/a · 2009-02-02 · 25 CVEs total

CVE-2008-6024		Sun Solaris NFSv4 Client Kernel Module 本地拒绝服务漏洞
CVE-2009-0381		BazaarBuilder Ecommerce Shopping Cart SQL注入漏洞
CVE-2009-0380		Joomla! SQL注入漏洞
CVE-2009-0379		Joomla! Prince Clan Chess Club com_pcchess组件'game_id'参数SQL注入漏洞
CVE-2009-0378		Joomla! com_beamospetition组件跨站脚本执行漏洞
CVE-2009-0377		Joomla! com_beamospetition组件 SQL注入漏洞
CVE-2009-0386		GStreamer Good Plug-ins 程序qtdemux.c 缓冲区溢出和代码执行漏洞
CVE-2009-0385		FFmpeg 安全漏洞
CVE-2009-0384		OwnRS CMS SQL注入漏洞
CVE-2009-0383		Mzbservices Max.Blog 'delete.php' Delete Post身份认证绕过漏洞
CVE-2009-0382		Drupal Internationalization Module 安全绕过漏洞
CVE-2009-0389		Eztools-Software Web on Windows ActiveX 'WriteIniFileString/ShellExecute'任意文件重写漏洞
CVE-2008-4990		Enomaly ECP 临时文件enomalism2.sh 多个安全漏洞
CVE-2008-6023		XNova ‘includes/todofleetcontrol.php’ PHP远程文件包含漏洞
CVE-2008-6022		XNova ‘includes/todofleetcontrol.php' PHP远程文件包含漏洞
CVE-2008-6021		Attachmate Reflection for Secure IT 多个未明安全漏洞
CVE-2008-6020		Drupal Views Content Construction Kit SQL注入漏洞
CVE-2008-6019		DO-CMS 'index.php' SQL注入漏洞
CVE-2008-6018		MyPHPsite 'index.php' 本地文件包含漏洞
CVE-2008-6017		I-RATER Basic 'messages.php' SQL注入漏洞

Showing top 20 of 25 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2009-0387

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2009-0387

I. Basic Information for CVE-2009-0387

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2009-0387

III. Intelligence Information for CVE-2009-0387

Same Patch Batch · n/a · 2009-02-02 · 25 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2009-0387

Leave a comment