CVE-2008-0630 buffer overflow via crafted url
Bug #191410 reported by
Laurent Bigonville
This bug report is a duplicate of:
Bug #191488: [mplayer] [DSA-1496-1] several buffer overflows.
Edit
Remove
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mplayer (Debian) |
Fix Released
|
Unknown
|
|||
mplayer (Ubuntu) |
New
|
High
|
Unassigned |
Bug Description
Binary package hint: mplayer
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for mplayer.
CVE-2008-0630[0]:
| Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823
| allows remote attackers to execute arbitrary code via a crafted URL
| that prevents the IPv6 parsing code from setting a pointer to NULL,
| which causes the buffer to be reused by the unescape code.
You can find a patch for this on:
http://
CVE References
Changed in mplayer: | |
importance: | Undecided → High |
description: | updated |
Changed in mplayer: | |
status: | Unknown → Fix Released |
To post a comment you must log in.