8 matches found
Mandriva Linux Security Advisory : mplayer (MDVSA-2008:196)
Uncontrolled array index in the sdpplinparse function in stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers to overwrite memory and execute arbitrary code via a large streamid SDP parameter. The updated packages have been patched to fix this issue. %NASLMINLEVEL 70300 C Tenable...
Gentoo Security Advisory GLSA 200805-22 (mplayer)
The remote host is missing updates announced in advisory GLSA 200805-22. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
MPlayer sdpplin_parse()函数RTSP整数溢出漏洞
BUGTRAQ ID: 28851 CVECAN ID: CVE-2008-1558 MPlayer是一款基于Linux的媒体播放程序,支持多种媒体格式。 MPlayer的stream/realrtsp/sdpplin.c文件中的sdpplinparse函数存在整数溢出漏洞: sdpplinparsestream desc-streamid=atoibuf; spplinparse desc-streamstream-streamid=stream; 如果用户所打开的媒体文件中包含有超长的StreamCount SDP参数的话,就可以触发这个溢出,导致执行任意指令。 MPlayer 1....
Debian DSA-1552-1 : mplayer - missing input sanitising
It was discovered that the MPlayer movie player performs insufficient input sanitising on SDP session data, leading to potential execution of arbitrary code through a malformed multimedia stream. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
Debian Security Advisory DSA 1552-1 (mplayer)
The remote host is missing an update to mplayer announced via advisory DSA 1552-1. OpenVAS Vulnerability Test $Id: deb15521.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1552-1 mplayer Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
[SECURITY] [DSA 1552-1] New mplayer packages fix arbitrary code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1552-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 19, 2008 http://www.debian.org/security/faq -...
CVE-2008-1558
Uncontrolled array index in the sdpplinparse function in stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers to overwrite memory and execute arbitrary code via a large streamid SDP parameter. NOTE: this issue has been referred to as an integer overflow...
CVE-2008-1558
CVE-2008-1558 affects MPlayer 1.0_rc2 and relates to an uncontrolled array index/integer overflow in the function sdpplin_parse (stream/realrtsp/sdpplin.c). A large SDP parameter (notably StreamCount) can cause memory overwrite, enabling remote code execution. Public advisories describe this as a...