Multiple vulnerabilities have been discovered in MPlayer, possibly allowing for the remote execution of arbitrary code.
Package | media-video/mplayer on all architectures |
---|---|
Affected versions | < 1.0_rc2_p25993 |
Unaffected versions | >= 1.0_rc2_p25993 |
MPlayer is a media player incuding support for a wide range of audio and video formats.
The following errors have been discovered in MPlayer:
A remote attacker could entice a user to open a specially crafted file, possibly resulting in the execution of arbitrary code with the privileges of the user running MPlayer.
There is no known workaround at this time.
All MPlayer users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-video/mplayer-1.0_rc2_p25993"
Release date
March 10, 2008
Latest revision
March 10, 2008: 01
Severity
normal
Exploitable
remote
Bugzilla entries