aru Posted April 5, 2004 Report Share Posted April 5, 2004 MandrakeSoft Security Advisory MDKSA-2004:026 : mplayer April 5th, 2004 Updated mplayer packages fix remotely exploitable vulnerability A remotely exploitable buffer overflow vulnerability was found in MPlayer. A malicious host can craft a harmful HTTP header ("Location:"), and trick MPlayer into executing arbitrary code upon parsing that header. The updated packages contain a patch from the MPlayer development team to correct the problem. The released versions of Mandrake GNU/Linux affected are: 9.2 9.2/AMD64 10.0 Full information about this advisory, including the updated packages, is available at: www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:026 Other references: http://www.mplayerhq.hu/homepage/design6/news.html Posted automatically by aru (mdksec2mub v0.0.8) Link to comment Share on other sites More sharing options...
Recommended Posts