Ca concerne aussi la version OSX ?????
Début du message réexpédié :
------------------------------------------------------------------------ ------De: Secunia Security Advisories <[EMAIL PROTECTED]> Date: Ven 26 sep 2003 14:12:31 Europe/Paris Objet: [sec-adv] MPlayer ASX Streaming Buffer Overflow Vulnerability
TITLE: MPlayer ASX Streaming Buffer Overflow Vulnerability
SECUNIA ADVISORY ID: SA9853
VERIFY ADVISORY: http://www.secunia.com/advisories/9853/
CRITICAL: Moderately critical
IMPACT: System access
WHERE:From remote
SOFTWARE: MPlayer 1.x MPlayer 0.x
DESCRIPTION: A vulnerability has been reported in MPlayer, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error when parsing ASX headers. This can be exploited by tricking a user into playing an ASX stream with a specially crafted header.
Successful exploitation causes a buffer overflow and allows execution of arbitrary code with the user's privileges.
The vulnerability has been affects the following versions: * MPlayer 0.90pre series * MPlayer 0.90rc series * MPlayer 0.90 * MPlayer 0.91 * MPlayer 1.0pre1
SOLUTION: The following versions are not affected: * MPlayer releases before 0.90pre1 * MPlayer 0.92 * MPlayer HEAD CVS
ORIGINAL ADVISORY: http://mp.dev.hu/homepage/design6/news.html#vuln01
----------------------------------------------------------------------
Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Contact details: Web : http://www.secunia.com/ E-mail : [EMAIL PROTECTED] Tel : +45 7020 5144 Fax : +45 7020 5145
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://www.secunia.com/sec_adv_unsubscribe/ [EMAIL PROTECTED]
----------------------------------------------------------------------
David Duhamel
http://home.nordnet.fr/~dduhamel/
AIM/iChat : dduhamel2001
Ou cet homme est mort, ou ma montre est arrêtée !
(Groucho Marx)
Les minijupes, c'est comme les sondages : ça donne des idées mais ça
cache l'essentiel.
-- Avec i-mode, vivez une toute nouvelle experience de la communication et des services en ligne. Plus dÕinfo sur http://www.imode.be CyberCafe c'est chaque semaine le mardi 19h et 22h30 sur La 2! Desabonnement par email : <mailto:[EMAIL PROTECTED]>
