- ------------------------------------------------------------ Arch Linux Security Warning ALSW 2007-#15 - ------------------------------------------------------------
Name: mplayer Date: 2007-03-09 Severity: Normal Warning #: 2007-#15 - ------------------------------------------------------------ Product Background =================== A movie player for linux Problem Background =================== The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier does not set the biSize before use in a memcpy. Impact ====== This problem allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. Problem Packages =================== Package: mplayer Repo: extra Group: multimedia Unsafe: <= 1.0rc1-4 Safe: >= 1.0rc1-5 Package Fix =================== Upgrade to mplayer 1.0rc1-5 Reference(s) =================== http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1246
signature.asc
Description: OpenPGP digital signature
_______________________________________________ arch mailing list [email protected] http://archlinux.org/mailman/listinfo/arch
