aru Posted September 30, 2003 Report Share Posted September 30, 2003 MandrakeSoft Security Advisory MDKSA-2003:097 : mplayer September 30th, 2003 Updated mplayer packages fix buffer overflow vulnerability A buffer overflow vulnerability was found in MPlayer that is remotely exploitable. A malicious host can craft a harmful ASX header and trick MPlayer into executing arbitrary code when it parses that particular header. The provided packages have been patched to fix the problem. The released versions of Mandrake GNU/Linux affected are: Full information about this advisory, including the updated packages, is available at: www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:097 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?n...e=CAN-2003-0835 http://www.mplayerhq.hu/homepage/design6/news.html Posted automatically by aru (mdksec2mub v0.0.6) Link to comment Share on other sites More sharing options...
Recommended Posts