aru Posted February 28, 2006 Report Share Posted February 28, 2006 Mandriva Advisories MDKSA-2006:048 : mplayer Updated mplayer packages fix integer overflow vulnerabilities February 24th, 2006 Multiple integer overflows in (1) the new_demux_packet function in demuxer.h and (2) the demux_asf_read_packet function in demux_asf.c in MPlayer 1.0pre7try2 and earlier allow remote attackers to execute arbitrary code via an ASF file with a large packet length value. The updated packages have been patched to prevent this problem. The released versions of Mandriva GNU/Linux affected are: CS3.0 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:048 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0579 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $) Link to comment Share on other sites More sharing options...
Recommended Posts