|
|
Info |
Last Modified |
| 10 months ago |
|
|
|
|
Description |
A remote overflow exists in MPlayer/xine-lib. The product fails to implement boundary conditions during RTSP session negotiation resulting in a buffer overflow. With a specially crafted request, an attacker can cause a denial of service and potentially execute arbitrary code resulting in a loss of integrity and/or availability.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Denial of Service,
Input Manipulation
Impact:
Loss of Integrity,
Loss of Availability
Exploit:
Exploit Unknown
|
|
Solution |
Upgrade to MPlayer version 1.0pre4, xine-lib 1-rc4, or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
|
|
Products |
|
MPlayer
 |
0.9x |
1.0pre1 |
1.0pre2 |
1.0pre3try2 |
|
xine-lib
|
1-rc3a |
1-rc3b |
1-beta1 |
1-beta10 |
1-beta11 |
1-beta2 |
1-beta3 |
1-beta4 |
1-beta5 |
1-beta6 |
1-beta7 |
1-beta8 |
1-beta9 |
|
|
|
|
|
|
Credit |
- Diego Biurrun -
- Roberto Togni -
- Miguel Freitas -
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
