mplayerplug-in buildPlaylist Overflow

2004-02-10T00:00:00
ID OSVDB:4845
Type osvdb
Reporter OSVDB
Modified 2004-02-10T00:00:00

Description

Vulnerability Description

A local overflow exists in mplayerplug-in. The software fails to check the buffer size of input to the buildPlaylist function resulting in a buffer overflow. With a specially crafted request, an attacker can cause the execution of code with root privilegs resulting in a loss of integrity and confidentiality.

Solution Description

Upgrade to version 2.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

A local overflow exists in mplayerplug-in. The software fails to check the buffer size of input to the buildPlaylist function resulting in a buffer overflow. With a specially crafted request, an attacker can cause the execution of code with root privilegs resulting in a loss of integrity and confidentiality.

References:

Vendor URL: http://freshmeat.net/projects/mplayerplug-in/ Vendor Specific Advisory URL