[Bug 308939] [NEW] mplayer buffer overflow which can be triggered using specially crafted TwinVQ files
Launchpad Bug Tracker
308939 at bugs.launchpad.net
Wed Dec 17 15:33:37 UTC 2008
*** This bug is a security vulnerability ***
You have been subscribed to a public security bug by Jamie Strandboge (jdstrand):
Binary package hint: mplayer
The developers of the free MPlayer media player have fixed a buffer
overflow which can be triggered using specially crafted TwinVQ files.
The flaw is contained in the demux_open_vqf() function in
libmpdemux/demux_vqf.c. Its discoverer Tobias Klein says this can
potentially be used to inject and execute arbitrary code. According to
the advisory, the problem affects all of the MPlayer versions before
1.0rc2 r28150 (or before r28149 in the repository).
See the following link for more details:
http://www.heise-online.co.uk/security/Buffer-overflow-in-MPlayer-media-
player--/news/112256
** Affects: mplayer (Ubuntu)
Importance: Undecided
Status: New
--
mplayer buffer overflow which can be triggered using specially crafted TwinVQ files
https://bugs.launchpad.net/bugs/308939
You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list