Ubuntu
mplayer package

MPlayer arbitrary pointer dereference in demux_audio.c

Bug #190891 reported by Léa GRIS
258
Affects Status Importance Assigned to Milestone
mplayer (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

Binary package hint: mplayer

Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag.

Fix patch is available at:
<http://www.mplayerhq.hu/MPlayer/patches/demux_mov_fix_20080129.diff>

ProblemType: Bug
Architecture: i386
Date: Mon Feb 11 11:33:08 2008
DistroRelease: Ubuntu 7.10
NonfreeKernelModules: nvidia
Package: mplayer 2:1.0~rc2-0ubuntu1~gutsy1
PackageArchitecture: i386
SourcePackage: mplayer
Uname: Linux meumeu 2.6.22-14-generic #1 SMP Fri Feb 1 04:59:50 UTC 2008 i686 GNU/Linux

Tags: apport-bug

CVE References

Revision history for this message
Léa GRIS (lea-gris) wrote :
Revision history for this message
Léa GRIS (lea-gris) wrote :

http://www.mplayerhq.hu/MPlayer/patches/demux_mov_fix_20080129.diff

Léa GRIS (lea-gris)
Changed in mplayer:
status: New → Fix Committed
Emanuele Gentili (emgent)
Changed in mplayer:
status: Fix Committed → In Progress
Revision history for this message
Emanuele Gentili (emgent) wrote :
Jamie Strandboge (jdstrand)
Changed in mplayer:
status: In Progress → Confirmed
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.