Launchpad CVE tracker

CVE 2008-0485

Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag.

Related bugs and status

CVE-2008-0485 (Candidate) is related to these bugs:

Bug #190891: MPlayer arbitrary pointer dereference in demux_audio.c

Summary				In	Importance	Status
	190891	MPlayer arbitrary pointer dereference in demux_audio.c		mplayer (Ubuntu)	Undecided	Confirmed

Bug #191488: [mplayer] [DSA-1496-1] several buffer overflows

		In	Importance	Status
191488	[mplayer] [DSA-1496-1] several buffer overflows	mplayer (Ubuntu)	High	Fix Released
191488	[mplayer] [DSA-1496-1] several buffer overflows	mplayer (Ubuntu Feisty)	High	Fix Released
191488	[mplayer] [DSA-1496-1] several buffer overflows	mplayer (Ubuntu Gutsy)	High	Fix Released
191488	[mplayer] [DSA-1496-1] several buffer overflows	mplayer (Ubuntu Hardy)	High	Fix Released
191488	[mplayer] [DSA-1496-1] several buffer overflows	mplayer (Ubuntu Dapper)	High	Fix Released
191488	[mplayer] [DSA-1496-1] several buffer overflows	mplayer (Ubuntu Edgy)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

FULLDISC: 20080204 CORE-2008-012...
CONFIRM: http://www.mplayerhq.h...
BID: 27499
SECTRACK: 1019299
SECUNIA: 28779
DEBIAN: DSA-1496
SECUNIA: 28956
MANDRIVA: MDVSA-2008:045
SECUNIA: 28955
GENTOO: GLSA-200803-16
SECUNIA: 29307
SREASON: 3607
VUPEN: ADV-2008-0406
MISC: http://www.coresecurit...
BUGTRAQ: 20080204 CORE-2008-012...

Launchpad.net

CVE 2008-0485

Related bugs and status

Related bugs

References