Launchpad.net

CVE 2007-1387

The DirectShow loader (loader/dshow/DS_VideoDecoder.c) in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1246.

Related bugs and status

CVE-2007-1387 (Candidate) is related to these bugs:

Bug #210163: [xine-lib] [DSA-1536-1] several vulnerabilities

		In	Importance	Status
210163	[xine-lib] [DSA-1536-1] several vulnerabilities	xine-lib (Ubuntu)	Undecided	Fix Released
210163	[xine-lib] [DSA-1536-1] several vulnerabilities	xine-lib (Debian)	Unknown	Fix Released
210163	[xine-lib] [DSA-1536-1] several vulnerabilities	xine-lib (Ubuntu Dapper)	High	Fix Released
210163	[xine-lib] [DSA-1536-1] several vulnerabilities	xine-lib (Ubuntu Feisty)	High	Fix Released
210163	[xine-lib] [DSA-1536-1] several vulnerabilities	xine-lib (Ubuntu Gutsy)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://bugs.debian.org...
CONFIRM: http://bugs.debian.org...
SECUNIA: 24462
SECUNIA: 24444
BID: 22933
GENTOO: GLSA-200705-21
SECUNIA: 25462
SECUNIA: 24443
MANDRIVA: MDKSA-2007:061
MANDRIVA: MDKSA-2007:062
DEBIAN: DSA-1536
SECUNIA: 29601
UBUNTU: USN-435-1