CVE-2007-1246

2007-03-03T19:19:00
ID CVE-2007-1246
Type cve
Reporter cve@mitre.org
Modified 2018-10-16T16:37:00

Description

The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1387. Failed exploit attempts will likely result in a denial-of-service condition.