Comment 12 for bug 279030

This bug was fixed in the package mplayer - 2:1.0~rc2-0ubuntu13.1

---------------
mplayer (2:1.0~rc2-0ubuntu13.1) hardy-security; urgency=low

  * SECURITY UPDATE: Multiple integer underflows in MPlayer 1.0_rc2 and
    earlier allow remote attackers to cause a denial of service
    (process termination) and possibly execute arbitrary code via a
    crafted video file that causes the stream_read function to read or
    write arbitrary memory. (LP: #279030)
    - libmpdemux/demux_real.c - patch from oCert.
    - References:
      + CVE-2008-3827
      + http://www.ocert.org/advisories/ocert-2008-013.html

 -- Stefan Lesicnik <email address hidden> Wed, 08 Oct 2008 07:51:18 +0200