Heap-based Buffer Overflow in Gst.MapInfo Function in Vala 0.26.0 and 0.26.1

Heap-based Buffer Overflow in Gst.MapInfo Function in Vala 0.26.0 and 0.26.1

CVE-2014-8154 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The Gst.MapInfo function in Vala 0.26.0 and 0.26.1 uses an incorrect buffer length declaration for the Gstreamer bindings, which allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which trigger a heap-based buffer overflow.

Learn more about our Cis Benchmark Audit For Bind.