MPlayer: Multiple buffer overflows
1.
Gentoo Linux Security Advisory
Version Information
| Advisory Reference |
GLSA 200803-16 / mplayer |
| Release Date |
March 10, 2008 |
| Latest Revision |
March 10, 2008: 01 |
| Impact |
normal |
| Exploitable |
remote |
| Package |
Vulnerable versions |
Unaffected versions |
Architecture(s) |
| media-video/mplayer |
<
1.0_rc2_p25993 |
>=
1.0_rc2_p25993 |
All supported architectures
|
Related bugreports:
#208566
Synopsis
Multiple vulnerabilities have been discovered in MPlayer, possibly allowing
for the remote execution of arbitrary code.
2.
Impact Information
Background
MPlayer is a media player incuding support for a wide range of audio
and video formats.
Description
The following errors have been discovered in MPlayer:
- Felipe Manzano and Anibal Sacco (Core Security Technologies)
reported an array indexing error in the file libmpdemux/demux_mov.c
when parsing MOV file headers (CVE-2008-0485).
- Damian Frizza
and Alfredo Ortega (Core Security Technologies) reported a boundary
error in the file libmpdemux/demux_audio.c when parsing FLAC comments
(CVE-2008-0486).
- Adam Bozanich (Mu Security) reported boundary
errors in the cddb_parse_matches_list() and cddb_query_parse()
functions in the file stream_cddb.c when parsing CDDB album titles
(CVE-2008-0629) and in the url_scape_string() function in the file
stream/url.c when parsing URLS (CVE-2008-0630).
Impact
A remote attacker could entice a user to open a specially crafted file,
possibly resulting in the execution of arbitrary code with the
privileges of the user running MPlayer.
3.
Resolution Information
Workaround
There is no known workaround at this time.
Resolution
All MPlayer users should upgrade to the latest version:
Code Listing 3.1: Resolution |
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-video/mplayer-1.0_rc2_p25993"
|
4.
References
|
