The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in
MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize
before use in a memcpy, which allows user-assisted remote attackers to
cause a buffer overflow and possibly execute arbitrary code, a different
vulnerability than CVE-2007-1387.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | mplayer | < 2:0.99+1.0pre7try2+cvs20060117-0ubuntu8.1 | UNKNOWN |
ubuntu | 6.10 | noarch | mplayer | < 2:0.99+1.0pre8-0ubuntu8.2 | UNKNOWN |
ubuntu | 7.04 | noarch | mplayer | < 2:1.0~rc1-0ubuntu4 | UNKNOWN |
ubuntu | 6.06 | noarch | xine-lib | < 1.1.1+ubuntu2-7.7 | UNKNOWN |
ubuntu | 6.10 | noarch | xine-lib | < 1.1.2+repacked1-0ubuntu3.4 | UNKNOWN |
ubuntu | 7.04 | noarch | xine-lib | < 1.1.4-2ubuntu3 | UNKNOWN |
ubuntu | 7.10 | noarch | xine-lib | < 1.1.4-2ubuntu3 | UNKNOWN |