CVE-2007-1246: MPlayer DMO buffer overflow
Bug #92968 reported by
hexion
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| mplayer (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
| Dapper |
Fix Released
|
Undecided
|
William Grant | ||
| Edgy |
Fix Released
|
Undecided
|
William Grant | ||
Bug Description
Binary package hint: mplayer
http://
As I read in some security pages like www.hispasec.com (Spanish), there's a bug in mplayer rc1 and below that may put in risk the system. SVN version solves the problem.
ProblemType: Bug
Architecture: i386
Date: Sat Mar 17 00:51:53 2007
DistroRelease: Ubuntu 7.04
Uname: Linux patatilla 2.6.20-
CVE References
Revision history for this message
| Lionel Le Folgoc (mrpouit) wrote | #1 |
| Changed in mplayer: | |
| status: | Unconfirmed → Fix Released |
| Changed in mplayer: | |
| assignee: | nobody → fujitsu |
| status: | New → In Progress |
| assignee: | nobody → fujitsu |
| status: | New → In Progress |
| Changed in mplayer: | |
| status: | In Progress → Triaged |
| status: | In Progress → Triaged |
| Changed in mplayer: | |
| status: | Triaged → In Progress |
Revision history for this message
| William Grant (wgrant) wrote | #2 |
Revision history for this message
| William Grant (wgrant) wrote | #3 |
| Changed in mplayer: | |
| status: | Triaged → In Progress |
Revision history for this message
| Kees Cook (kees) wrote | #4 |
| Changed in mplayer: | |
| status: | In Progress → Fix Committed |
| status: | In Progress → Fix Committed |
| Changed in mplayer: | |
| status: | Fix Committed → Fix Released |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.
Hi,
Thanks for your bug report. This issue has already been fixed in feisty:
mplayer (2:1.0~
* SECURITY UPDATE: DMO decoder heap overflow.
* loader/
* References
http://
CVE-2007-1246
-- Kees Cook <email address hidden> Tue, 6 Mar 2007 15:21:26 -0800