Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mu Finds Vulnerabilities in MPlayer

SUNNYVALE, Calif. -- Mu Security, a pioneer in the new security analyzer market, has discovered and helped remediate Multiple Remote Arbitrary Execution Vulnerabilities in MPlayer. http://labs.musecurity.com/advisories.html

Affected Products/Versions: MPlayer 1.0rc2 and SVN before r25824 (Sun Jan 20 20:58:02 2008 UTC). Older versions are probably affected, but they were not checked.

Product Overview: MPlayer is a movie player which runs on many systems (see the documentation). It plays most MPEG/VOB, AVI, Ogg/OGM, VIVO, ASF/WMA/WMV, QT/MOV/MP4, RealMedia, Matroska, NUT, NuppelVideo, FLI, YUV4MPEG, FILM, RoQ, PVA files, supported by many native, XAnim, and Win32 DLL codecs. You can watch VideoCD, SVCD, DVD, 3ivx, DivX 3/4/5 and even WMV movies.
http://www.mplayerhq.hu

Vulnerability Details

URL IPv6 Address Parsing Remote Heap Overflow: A heap overflow condition exists in the parsing of IPv6 addresses, allowing for arbitrary code execution.

  • 1