|
|
Info |
Last Modified |
| about 1 year ago |
|
|
|
|
|
This Entry needs help! It is only 45% Complete. Click the edit link above to add more information.
Contributing is fast and easy, and benefits the entire security community.
|
Description |
(Description Provided by CVE) : Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client for (1) MPlayer before 1.0pre4 and (2) xine lib (xine-lib) before 1-rc4, when playing Real RTSP (realrtsp) streams, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (a) long URLs, (b) long Real server responses, or (c) long Real Data Transport (RDT) packets.
|
|
Classification |
Attack Type:
Input Manipulation
|
|
Solution |
Upgrade to MPlayer version 1.0pre4, xine-lib 1-rc4, or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
|
|
Products |
|
MPlayer
 |
0.9x |
1.0pre1 |
1.0pre2 |
1.0pre3try2 |
|
xine-lib
|
0.9.13 |
1-rc3a |
1-rc3b |
1-rc3c |
|
|
|
|
|
|
Credit |
Unknown or Incomplete
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
