MPlayer: Heap-based buffer overflow — GLSA 200605-01

MPlayer contains multiple integer overflows that may lead to a heap-based buffer overflow.

Affected packages

media-video/mplayer on all architectures
Affected versions: < 1.0.20060415
Unaffected versions: >= 1.0.20060415, >= 1.0_pre8

media-video/mplayer-bin on all architectures
Affected versions: < 1.0.20060415
Unaffected versions: >= 1.0.20060415, >= 1.0_pre8

Background

MPlayer is a media player that supports many multimedia file types.

Description

Xfocus Team discovered multiple integer overflows that may lead to a heap-based buffer overflow.
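
The bug class named above, as an added illustration that is not MPlayer's code and does not come from the advisory. The struct, field names, size cap and sample values are hypothetical: a buffer size computed from file-supplied fields wraps in 32 bits, so the allocation is smaller than the data the header describes, and the checked version rejects such a header before allocating.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical header fields parsed from an untrusted media file. */
struct frame_hdr { uint32_t width, height, bytes_per_pixel; };

/* Constructed policy cap on a single frame buffer (assumption). */
#define MAX_FRAME_BYTES ((size_t)256 * 1024 * 1024)

/* Unchecked pattern: the product is evaluated in 32-bit unsigned arithmetic
 * and silently wraps, so the result can be far smaller than the real size.
 * Allocating this many bytes and then writing width*height pixels overflows
 * the heap buffer. */
uint32_t frame_size_unchecked(const struct frame_hdr *h)
{
    return h->width * h->height * h->bytes_per_pixel;
}

/* Checked pattern: test each multiplication against SIZE_MAX before doing
 * it, then apply the cap. Returns 0 and sets *out on success, -1 otherwise. */
int frame_size_checked(const struct frame_hdr *h, size_t *out)
{
    size_t w = h->width, ht = h->height, bpp = h->bytes_per_pixel;

    if (w == 0 || ht == 0 || bpp == 0) return -1;
    if (w > SIZE_MAX / ht) return -1;            /* w * ht would wrap */
    size_t pixels = w * ht;
    if (pixels > SIZE_MAX / bpp) return -1;      /* pixels * bpp would wrap */
    size_t total = pixels * bpp;
    if (total > MAX_FRAME_BYTES) return -1;      /* implausibly large frame */
    *out = total;
    return 0;
}

/* Allocate a zeroed frame buffer only when the header passes the checks. */
void *alloc_frame(const struct frame_hdr *h, size_t *size)
{
    if (frame_size_checked(h, size) != 0) return NULL;
    return calloc(1, *size);
}

int main(void)
{
    struct frame_hdr bad = {65536, 16385, 4};    /* constructed sample header */
    size_t n = 0;
    printf("unchecked size: %u bytes\n", (unsigned)frame_size_unchecked(&bad));
    printf("checked: %s\n", alloc_frame(&bad, &n) ? "allocated" : "rejected");
    return 0;
}
```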

Impact

An attacker could entice a user to play a specially crafted multimedia file, potentially resulting in the execution of arbitrary code with the privileges of the user running the application.

Workaround

There is no known workaround at this time.

Resolution

All MPlayer users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=media-video/mplayer-1.0.20060415"

All MPlayer binary users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=media-video/mplayer-bin-1.0.20060415"

Release date
May 01, 2006

Latest revision
June 21, 2006: 02

Severity
normal

Exploitable
remote
