Subject: SA33136: MPlayer TwinVQ Processing Buffer Overflow Vulnerability Package: mplayer Version: 1.0~rc1-12etch5 Severity: grave Tags: security patch
Hi, The following SA (Secunia Advisory) id was published for mplayer: SA33136[1] > Description: > Tobias Klein has reported a vulnerability in MPlayer, which > potentially can be exploited by malicious people to compromise a > user's system. > > The vulnerability is caused due to a boundary error within the > "demux_open_vqf()" function in libmpdemux/demux_vqf.c. This can be > exploited to cause a stack-based buffer overflow via a specially > crafted TwinVQ file. > > Successful exploitation may allow execution of arbitrary code. > > The vulnerability is reported in version 1.0rc2. Other versions may > also be affected. > > Solution: > Fixed in the SVN repository. > http://svn.mplayerhq.hu/mplayer/branc...=24723&r2=28150&pathrev=28150 > > Provided and/or discovered by: > Tobias Klein > > Original Advisory: > http://trapkit.de/advisories/TKADV2008-014.txt You can find the patch[2] in the upstream svn repository. If you fix the vulnerability please also make sure to include the CVE id (if available) in the changelog entry. [1]http://secunia.com/advisories/33136/ [2]http://svn.mplayerhq.hu/mplayer/branches/1.0rc2/libmpdemux/demux_vqf.c?view=patch&r1=24723&r2=28150&pathrev=28150 Cheers, Giuseppe.
signature.asc
Description: OpenPGP digital signature