MPlayer demux_audio.c远程栈溢出漏洞

BUGTRAQ ID: 27441 CVECAN ID: CVE-2008-0486 MPlayer是一款基于Linux的媒体播放程序，支持多种媒体格式。 MPlayer的libmpdemux/demuxaudio.c文件在解析FLAC标注时存在栈溢出漏洞： /----------- libmpdemux/demuxaudio.c 206 case FLACVORBISCOMMENT: 207 208 / For a description of the format please have a look at / 209 /...

CVE-2008-0486

Summary (CVE-2008-0486): An array index vulnerability in the FLAC tag handling of MPlayer’s demuxer (libmpdemux/demux_audio.c) could allow remote code execution via a crafted FLAC tag. Affected: MPlayer 1.0rc2 and SVN builds prior to r25917, and, due to code similarity, some xine-lib integrations...