Ubuntu
mplayer package

  1. Bug #191410
  2. Activity log

Activity log for bug #191410

Date Who What changed Old value New value Message
2008-02-13 00:15:18 Laurent Bigonville bug added bug
2008-02-13 00:16:07 Laurent Bigonville mplayer: importance Undecided High
2008-02-13 00:16:59 Laurent Bigonville bug assigned to mplayer (Debian)
2008-02-13 00:20:22 Laurent Bigonville description Binary package hint: mplayer Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for mplayer. CVE-2008-0630[0]: | Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 | allows remote attackers to execute arbitrary code via a crafted URL | that prevents the IPv6 parsing code from setting a pointer to NULL, | which causes the buffer to be reused by the unescape code. You can find a patch for this on: http://svn.mplayerhq.hu/mplayer/trunk/stream/stream_cddb.c?r1=25820&r2=25824 Binary package hint: mplayer Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for mplayer. CVE-2008-0630[0]: | Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 | allows remote attackers to execute arbitrary code via a crafted URL | that prevents the IPv6 parsing code from setting a pointer to NULL, | which causes the buffer to be reused by the unescape code. You can find a patch for this on: http://svn.mplayerhq.hu/mplayer/trunk/stream/url.c?r1=25820&r2=25823
2008-02-13 10:36:36 Bug Watch Updater mplayer: status Unknown Fix Released
2008-02-14 03:38:06 Emanuele Gentili marked as duplicate 191488