mplayer
Page content
- Author: vmiklos
- Vulnerable: 1.0rc2-3
- Unaffected: 1.0rc2-4kalgan1
k`sOSe has discovered a vulnerability in MPlayer, which potentially can be exploited by malicious people to compromise a user’s system. The vulnerability is caused due to an integer overflow error in the “sdpplin_parse()” function in stream/realrtsp/sdpplin.c. This can be exploited to overwrite arbitrary memory regions via an overly large “StreamCount” SDP parameter. Successful exploitation may allow execution of arbitrary code.
- Bug Tracker URL: http://bugs.frugalware.org/task/2913