This bug was fixed in the package mplayer - 2:1.0~rc2-0ubuntu13.2
---------------
mplayer (2:1.0~rc2-0ubuntu13.2) hardy-security; urgency=low
* SECURITY UPDATE: Integer signedness error in the fourxm_read_header
function in libavformat/4xm.c in FFmpeg before revision 16846 allows
remote attackers to execute arbitrary code via a malformed 4X movie
file with a large current_track value, which triggers a NULL pointer
dereference. (LP: #731625)
- libavformat/4xm.c - patch from ffmpeg package in hardy-security
- References:
+ CVE-2009-0385
-- Firas Kraiem <[email protected]> Tue, 08 Mar 2011 22:53:14 +0100
** Changed in: mplayer (Ubuntu Hardy)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/731625
Title:
[CVE-2009-0385] arbitrary code excecution via NULL pointer dereference
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
