* SECURITY UPDATE: Multiple integer underflows in MPlayer 1.0_rc2 and
earlier allow remote attackers to cause a denial of service
(process termination) and possibly execute arbitrary code via a
crafted video file that causes the stream_read function to read or
write arbitrary memory (LP: #279030)
- libmpdemux/demux_real.c: Address various integer underflows. Patch
from oCert.org.
- http://www.ocert.org/advisories/ocert-2008-013.html
- CVE-2008-3827
* SECURITY UPDATE: Uncontrolled array index in the sdpplin_parse function in
stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers to
overwrite memory and execute arbitrary code via a large streamid SDP
parameter. (LP: #212601).
- Cherrypicked rev 80 from lp:~ubuntu-dev/mplayer/ubuntu (William Grant)
stream/realrtsp/sdpplin.c: Properly check the stream ID. Patch from
upstream.
- CVE-2008-1558
-- Stefan Lesicnik <email address hidden> Fri, 10 Oct 2008 20:55:42 +0200
This bug was fixed in the package mplayer - 2:1.0~rc1- 0ubuntu13. 3
--------------- rc1-0ubuntu13. 3) gutsy-security; urgency=low
mplayer (2:1.0~
* SECURITY UPDATE: Multiple integer underflows in MPlayer 1.0_rc2 and demux_real. c: Address various integer underflows. Patch www.ocert. org/advisories/ ocert-2008- 013.html realrtsp/ sdpplin. c in MPlayer 1.0 rc2 allows remote attackers to realrtsp/ sdpplin. c: Properly check the stream ID. Patch from
earlier allow remote attackers to cause a denial of service
(process termination) and possibly execute arbitrary code via a
crafted video file that causes the stream_read function to read or
write arbitrary memory (LP: #279030)
- libmpdemux/
from oCert.org.
- http://
- CVE-2008-3827
* SECURITY UPDATE: Uncontrolled array index in the sdpplin_parse function in
stream/
overwrite memory and execute arbitrary code via a large streamid SDP
parameter. (LP: #212601).
- Cherrypicked rev 80 from lp:~ubuntu-dev/mplayer/ubuntu (William Grant)
stream/
upstream.
- CVE-2008-1558
-- Stefan Lesicnik <email address hidden> Fri, 10 Oct 2008 20:55:42 +0200