{ "threat_severity" : "Important", "public_date" : "2026-03-13T20:41:50Z", "bugzilla" : { "description" : "GStreamer: GStreamer: Arbitrary code execution via RIFF palette integer overflow in AVI file handling", "id" : "2447496", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2447496" }, "cvss3" : { "cvss3_base_score" : "7.8", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status" : "verified" }, "cwe" : "CWE-190", "details" : [ "GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\nThe specific flaw exists within the handling of palette data in AVI files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28854.", "A flaw was found in GStreamer. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. The flaw exists within the handling of palette data in AVI files, where a lack of proper validation of user-supplied data can lead to an integer overflow before writing to memory. An attacker can leverage this integer overflow to execute code in the context of the current process." ], "statement" : "This is an IMPORTANT vulnerability in GStreamer that allows arbitrary code execution. The flaw occurs due to an integer overflow when processing palette data in specially crafted AVI files. Exploitation requires a user to process a malicious AVI file with an application linked against the GStreamer library.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-03-31T00:00:00Z", "advisory" : "RHSA-2026:6259", "cpe" : "cpe:/o:redhat:enterprise_linux:10.1", "package" : "gstreamer1-plugins-bad-free-0:1.24.11-3.el10_1" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-03-31T00:00:00Z", "advisory" : "RHSA-2026:6259", "cpe" : "cpe:/o:redhat:enterprise_linux:10.1", "package" : "gstreamer1-plugins-base-0:1.24.11-2.el10_1" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-03-31T00:00:00Z", "advisory" : "RHSA-2026:6259", "cpe" : "cpe:/o:redhat:enterprise_linux:10.1", "package" : "gstreamer1-plugins-good-0:1.24.11-2.el10_1" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-03-31T00:00:00Z", "advisory" : "RHSA-2026:6259", "cpe" : "cpe:/o:redhat:enterprise_linux:10.1", "package" : "gstreamer1-plugins-ugly-free-0:1.24.11-2.el10_1" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19024", "cpe" : "cpe:/o:redhat:enterprise_linux:10.2", "package" : "gstreamer1-plugins-bad-free-0:1.26.7-2.el10_2" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19024", "cpe" : "cpe:/o:redhat:enterprise_linux:10.2", "package" : "gstreamer1-plugins-base-0:1.26.7-2.el10_2" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19024", "cpe" : "cpe:/o:redhat:enterprise_linux:10.2", "package" : "gstreamer1-plugins-good-0:1.26.7-2.el10_2" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19024", "cpe" : "cpe:/o:redhat:enterprise_linux:10.2", "package" : "gstreamer1-plugins-ugly-free-0:1.26.7-2.el10_2" }, { "product_name" : "Red Hat Enterprise Linux 10.0 Extended Update Support", "release_date" : "2026-04-20T00:00:00Z", "advisory" : "RHSA-2026:8854", "cpe" : "cpe:/o:redhat:enterprise_linux_eus:10.0", "package" : "gstreamer1-plugins-bad-free-0:1.24.11-3.el10_0" }, { "product_name" : "Red Hat Enterprise Linux 10.0 Extended Update Support", "release_date" : "2026-04-20T00:00:00Z", "advisory" : "RHSA-2026:8854", "cpe" : "cpe:/o:redhat:enterprise_linux_eus:10.0", "package" : "gstreamer1-plugins-base-0:1.24.11-1.el10_0.1" }, { "product_name" : "Red Hat Enterprise Linux 10.0 Extended Update Support", "release_date" : "2026-04-20T00:00:00Z", "advisory" : "RHSA-2026:8854", "cpe" : "cpe:/o:redhat:enterprise_linux_eus:10.0", "package" : "gstreamer1-plugins-good-0:1.24.11-1.el10_0.2" }, { "product_name" : "Red Hat Enterprise Linux 10.0 Extended Update Support", "release_date" : "2026-04-20T00:00:00Z", "advisory" : "RHSA-2026:8854", "cpe" : "cpe:/o:redhat:enterprise_linux_eus:10.0", "package" : "gstreamer1-plugins-ugly-free-0:1.24.11-1.el10_0.1" }, { "product_name" : "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date" : "2026-04-13T00:00:00Z", "advisory" : "RHSA-2026:7673", "cpe" : "cpe:/o:redhat:rhel_els:7", "package" : "gstreamer1-plugins-bad-free-0:1.10.4-5.el7_9" }, { "product_name" : "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date" : "2026-04-13T00:00:00Z", "advisory" : "RHSA-2026:7673", "cpe" : "cpe:/o:redhat:rhel_els:7", "package" : "gstreamer1-plugins-base-0:1.10.4-4.el7_9" }, { "product_name" : "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date" : "2026-04-13T00:00:00Z", "advisory" : "RHSA-2026:7673", "cpe" : "cpe:/o:redhat:rhel_els:7", "package" : "gstreamer1-plugins-good-0:1.10.4-4.el7_9" }, { "product_name" : "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date" : "2026-04-13T00:00:00Z", "advisory" : "RHSA-2026:7850", "cpe" : "cpe:/o:redhat:rhel_els:7", "package" : "gstreamer-plugins-base-0:0.10.36-11.el7_9" }, { "product_name" : "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date" : "2026-04-13T00:00:00Z", "advisory" : "RHSA-2026:7850", "cpe" : "cpe:/o:redhat:rhel_els:7", "package" : "gstreamer-plugins-good-0:0.10.31-14.el7_9" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2026-04-07T00:00:00Z", "advisory" : "RHSA-2026:6750", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gstreamer1-plugins-bad-free-0:1.16.1-6.el8_10" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2026-04-07T00:00:00Z", "advisory" : "RHSA-2026:6750", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gstreamer1-plugins-base-0:1.16.1-6.el8_10" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2026-04-07T00:00:00Z", "advisory" : "RHSA-2026:6750", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gstreamer1-plugins-good-0:1.16.1-6.el8_10" }, { "product_name" : "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9487", "cpe" : "cpe:/a:redhat:rhel_aus:8.2", "package" : "gstreamer1-plugins-bad-free-0:1.16.1-4.el8_2" }, { "product_name" : "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9487", "cpe" : "cpe:/a:redhat:rhel_aus:8.2", "package" : "gstreamer1-plugins-base-0:1.16.1-3.el8_2" }, { "product_name" : "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9487", "cpe" : "cpe:/a:redhat:rhel_aus:8.2", "package" : "gstreamer1-plugins-good-0:1.16.1-3.el8_2" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9446", "cpe" : "cpe:/a:redhat:rhel_aus:8.4", "package" : "gstreamer1-plugins-bad-free-0:1.16.1-4.el8_4" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9446", "cpe" : "cpe:/a:redhat:rhel_aus:8.4", "package" : "gstreamer1-plugins-base-0:1.16.1-4.el8_4" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9446", "cpe" : "cpe:/a:redhat:rhel_aus:8.4", "package" : "gstreamer1-plugins-good-0:1.16.1-4.el8_4" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9446", "cpe" : "cpe:/a:redhat:rhel_eus_long_life:8.4", "package" : "gstreamer1-plugins-bad-free-0:1.16.1-4.el8_4" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9446", "cpe" : "cpe:/a:redhat:rhel_eus_long_life:8.4", "package" : "gstreamer1-plugins-base-0:1.16.1-4.el8_4" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9446", "cpe" : "cpe:/a:redhat:rhel_eus_long_life:8.4", "package" : "gstreamer1-plugins-good-0:1.16.1-4.el8_4" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9447", "cpe" : "cpe:/a:redhat:rhel_aus:8.6", "package" : "gstreamer1-plugins-bad-free-0:1.16.1-4.el8_6" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9447", "cpe" : "cpe:/a:redhat:rhel_aus:8.6", "package" : "gstreamer1-plugins-base-0:1.16.1-4.el8_6" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9447", "cpe" : "cpe:/a:redhat:rhel_aus:8.6", "package" : "gstreamer1-plugins-good-0:1.16.1-4.el8_6" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9447", "cpe" : "cpe:/a:redhat:rhel_tus:8.6", "package" : "gstreamer1-plugins-bad-free-0:1.16.1-4.el8_6" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9447", "cpe" : "cpe:/a:redhat:rhel_tus:8.6", "package" : "gstreamer1-plugins-base-0:1.16.1-4.el8_6" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9447", "cpe" : "cpe:/a:redhat:rhel_tus:8.6", "package" : "gstreamer1-plugins-good-0:1.16.1-4.el8_6" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9447", "cpe" : "cpe:/a:redhat:rhel_e4s:8.6", "package" : "gstreamer1-plugins-bad-free-0:1.16.1-4.el8_6" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9447", "cpe" : "cpe:/a:redhat:rhel_e4s:8.6", "package" : "gstreamer1-plugins-base-0:1.16.1-4.el8_6" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9447", "cpe" : "cpe:/a:redhat:rhel_e4s:8.6", "package" : "gstreamer1-plugins-good-0:1.16.1-4.el8_6" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9488", "cpe" : "cpe:/a:redhat:rhel_tus:8.8", "package" : "gstreamer1-plugins-bad-free-0:1.16.1-4.el8_8" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9488", "cpe" : "cpe:/a:redhat:rhel_tus:8.8", "package" : "gstreamer1-plugins-base-0:1.16.1-4.el8_8" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9488", "cpe" : "cpe:/a:redhat:rhel_tus:8.8", "package" : "gstreamer1-plugins-good-0:1.16.1-5.el8_8" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9488", "cpe" : "cpe:/a:redhat:rhel_e4s:8.8", "package" : "gstreamer1-plugins-bad-free-0:1.16.1-4.el8_8" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9488", "cpe" : "cpe:/a:redhat:rhel_e4s:8.8", "package" : "gstreamer1-plugins-base-0:1.16.1-4.el8_8" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "release_date" : "2026-04-21T00:00:00Z", "advisory" : "RHSA-2026:9488", "cpe" : "cpe:/a:redhat:rhel_e4s:8.8", "package" : "gstreamer1-plugins-good-0:1.16.1-5.el8_8" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19180", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "gstreamer1-plugins-bad-free-0:1.22.12-7.el9_8" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19180", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "gstreamer1-plugins-base-0:1.22.12-8.el9_8" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19180", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "gstreamer1-plugins-good-0:1.22.12-7.el9_8" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-05-19T00:00:00Z", "advisory" : "RHSA-2026:19180", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "gstreamer1-plugins-ugly-free-0:1.22.12-6.el9_8" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-03-31T00:00:00Z", "advisory" : "RHSA-2026:6300", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "gstreamer1-plugins-bad-free-0:1.22.12-5.el9_7" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-03-31T00:00:00Z", "advisory" : "RHSA-2026:6300", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "gstreamer1-plugins-base-0:1.22.12-5.el9_7" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-03-31T00:00:00Z", "advisory" : "RHSA-2026:6300", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "gstreamer1-plugins-good-0:1.22.12-5.el9_7" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-03-31T00:00:00Z", "advisory" : "RHSA-2026:6300", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "gstreamer1-plugins-ugly-free-0:1.22.12-4.el9_7" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date" : "2026-04-20T00:00:00Z", "advisory" : "RHSA-2026:8876", "cpe" : "cpe:/a:redhat:rhel_e4s:9.0", "package" : "gstreamer1-plugins-bad-free-0:1.18.4-8.el9_0" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date" : "2026-04-20T00:00:00Z", "advisory" : "RHSA-2026:8876", "cpe" : "cpe:/a:redhat:rhel_e4s:9.0", "package" : "gstreamer1-plugins-base-0:1.18.4-8.el9_0" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date" : "2026-04-20T00:00:00Z", "advisory" : "RHSA-2026:8876", "cpe" : "cpe:/a:redhat:rhel_e4s:9.0", "package" : "gstreamer1-plugins-good-0:1.18.4-7.el9_0" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date" : "2026-04-20T00:00:00Z", "advisory" : "RHSA-2026:8874", "cpe" : "cpe:/a:redhat:rhel_e4s:9.2", "package" : "gstreamer1-plugins-bad-free-0:1.18.4-9.el9_2" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date" : "2026-04-20T00:00:00Z", "advisory" : "RHSA-2026:8874", "cpe" : "cpe:/a:redhat:rhel_e4s:9.2", "package" : "gstreamer1-plugins-base-0:1.18.4-8.el9_2" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date" : "2026-04-20T00:00:00Z", "advisory" : "RHSA-2026:8874", "cpe" : "cpe:/a:redhat:rhel_e4s:9.2", "package" : "gstreamer1-plugins-good-0:1.18.4-8.el9_2" }, { "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date" : "2026-04-20T00:00:00Z", "advisory" : "RHSA-2026:8857", "cpe" : "cpe:/a:redhat:rhel_eus:9.4", "package" : "gstreamer1-plugins-bad-free-0:1.22.1-6.el9_4" }, { "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date" : "2026-04-20T00:00:00Z", "advisory" : "RHSA-2026:8857", "cpe" : "cpe:/a:redhat:rhel_eus:9.4", "package" : "gstreamer1-plugins-base-0:1.22.1-4.el9_4" }, { "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date" : "2026-04-20T00:00:00Z", "advisory" : "RHSA-2026:8857", "cpe" : "cpe:/a:redhat:rhel_eus:9.4", "package" : "gstreamer1-plugins-good-0:1.22.1-4.el9_4" }, { "product_name" : "Red Hat Enterprise Linux 9.6 Extended Update Support", "release_date" : "2026-04-20T00:00:00Z", "advisory" : "RHSA-2026:8862", "cpe" : "cpe:/a:redhat:rhel_eus:9.6", "package" : "gstreamer1-plugins-bad-free-0:1.22.12-5.el9_6" }, { "product_name" : "Red Hat Enterprise Linux 9.6 Extended Update Support", "release_date" : "2026-04-20T00:00:00Z", "advisory" : "RHSA-2026:8862", "cpe" : "cpe:/a:redhat:rhel_eus:9.6", "package" : "gstreamer1-plugins-base-0:1.22.12-5.el9_6" }, { "product_name" : "Red Hat Enterprise Linux 9.6 Extended Update Support", "release_date" : "2026-04-20T00:00:00Z", "advisory" : "RHSA-2026:8862", "cpe" : "cpe:/a:redhat:rhel_eus:9.6", "package" : "gstreamer1-plugins-good-0:1.22.12-5.el9_6" }, { "product_name" : "Red Hat Enterprise Linux 9.6 Extended Update Support", "release_date" : "2026-04-20T00:00:00Z", "advisory" : "RHSA-2026:8862", "cpe" : "cpe:/a:redhat:rhel_eus:9.6", "package" : "gstreamer1-plugins-ugly-free-0:1.22.12-4.el9_6" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "gstreamer", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Affected", "package_name" : "gstreamer1", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "mingw-gstreamer1", "cpe" : "cpe:/o:redhat:enterprise_linux:8" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-2921\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-2921\nhttps://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/e3a99c35266fc92dd6a18ac5fde028d0cda559e6\nhttps://www.zerodayinitiative.com/advisories/ZDI-26-168/" ], "name" : "CVE-2026-2921", "mitigation" : { "value" : "To mitigate this issue, avoid processing untrusted AVI media files with applications that use the GStreamer library. Users should exercise caution when opening or playing AVI files from unknown or suspicious sources.", "lang" : "en:us" }, "csaw" : false }