mplayer -- missing input sanitising

2008-04-19T00:00:00
ID DSA-1552
Type debian
Reporter Debian
Modified 2008-04-19T00:00:00

Description

It was discovered that the MPlayer movie player performs insufficient input sanitising on SDP session data, leading to potential execution of arbitrary code through a malformed multimedia stream.

For the stable distribution (etch), this problem has been fixed in version 1.0~rc1-12etch3.

For the unstable distribution (sid), this problem has been fixed in version 1.0~rc2-10.

We recommend that you upgrade your mplayer package.