MDVSA-2008:196
- Package name
- mplayer
- Date
- 2008-09-15
- Advisory ID
- MDVSA-2008:196
- Affected versions
- 2008.0 i586 , CS3.0 x86_64 , 2008.0 x86_64 , CS3.0 i586 , 2008.1 x86_64 , 2008.1 i586
Problem description
Uncontrolled array index in the sdpplin_parse function in
stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers
to overwrite memory and execute arbitrary code via a large streamid
SDP parameter.
The updated packages have been patched to fix this issue.
Updated packages
2008.0 i586
07986d15f18d7340ccdbf5906e65e2c4 2008.0/i586/libdha1.0-1.0-1.rc1.20.4mdv2008.0.i586.rpm d3c7f28d571a501a4f21a1755d1660ce 2008.0/i586/mencoder-1.0-1.rc1.20.4mdv2008.0.i586.rpm b59fee894fe681115cdb33e62dd270d0 2008.0/i586/mplayer-1.0-1.rc1.20.4mdv2008.0.i586.rpm 6b85efde94633b2d71073f1c1fc3a9dc 2008.0/i586/mplayer-doc-1.0-1.rc1.20.4mdv2008.0.i586.rpm 5b7db93db96afcde015a9ef42bca8554 2008.0/i586/mplayer-gui-1.0-1.rc1.20.4mdv2008.0.i586.rpm 0aa07da9587aa20dcb4316cc33b004b0 2008.0/SRPMS/mplayer-1.0-1.rc1.20.4mdv2008.0.src.rpm
CS3.0 x86_64
e0338d0c3cb1e2c33d50d63ab9a4627f corporate/3.0/x86_64/lib64postproc0-1.0-0.pre3.14.16.C30mdk.x86_64.rpm fd765680b0928c0c75f01fda39fd822b corporate/3.0/x86_64/lib64postproc0-devel-1.0-0.pre3.14.16.C30mdk.x86_64.rpm 4c6c6b477acaf47ecf7ddd5fd15916a0 corporate/3.0/x86_64/mencoder-1.0-0.pre3.14.16.C30mdk.x86_64.rpm 7282864f91152a9cc2d1a93fe9f93732 corporate/3.0/x86_64/mplayer-1.0-0.pre3.14.16.C30mdk.x86_64.rpm b6b49c3aec318ea67e31b8ca94597ad5 corporate/3.0/x86_64/mplayer-gui-1.0-0.pre3.14.16.C30mdk.x86_64.rpm 1158a9332df052cc32a1dcc17a486278 corporate/3.0/SRPMS/mplayer-1.0-0.pre3.14.16.C30mdk.src.rpm
2008.0 x86_64
4ed443cd03adfb59ed71d9144224fccc 2008.0/x86_64/mencoder-1.0-1.rc1.20.4mdv2008.0.x86_64.rpm 75a636754a8e428cb6099b735b3bda61 2008.0/x86_64/mplayer-1.0-1.rc1.20.4mdv2008.0.x86_64.rpm eef1df30deb2424a34ebd53be0738dbe 2008.0/x86_64/mplayer-doc-1.0-1.rc1.20.4mdv2008.0.x86_64.rpm efd52fecf218dfe2d1a2fe2af0d350c2 2008.0/x86_64/mplayer-gui-1.0-1.rc1.20.4mdv2008.0.x86_64.rpm 0aa07da9587aa20dcb4316cc33b004b0 2008.0/SRPMS/mplayer-1.0-1.rc1.20.4mdv2008.0.src.rpm
CS3.0 i586
88de2e0d1778f0b6559d5212197cd22a corporate/3.0/i586/libdha0.1-1.0-0.pre3.14.16.C30mdk.i586.rpm a8ea83b08be774da5331ed8d9b0e1105 corporate/3.0/i586/libpostproc0-1.0-0.pre3.14.16.C30mdk.i586.rpm 9dec12f64b68aa8fc9a677f673e180a3 corporate/3.0/i586/libpostproc0-devel-1.0-0.pre3.14.16.C30mdk.i586.rpm 629aa4300a95d168bf09606b99d12246 corporate/3.0/i586/mencoder-1.0-0.pre3.14.16.C30mdk.i586.rpm 8422c5b0399372678f95ee8c17df6ba4 corporate/3.0/i586/mplayer-1.0-0.pre3.14.16.C30mdk.i586.rpm d2afff5a819c129b693e9c8024d45695 corporate/3.0/i586/mplayer-gui-1.0-0.pre3.14.16.C30mdk.i586.rpm 1158a9332df052cc32a1dcc17a486278 corporate/3.0/SRPMS/mplayer-1.0-0.pre3.14.16.C30mdk.src.rpm
2008.1 x86_64
26bea74f84a5ed367520f481d4c5c1d3 2008.1/x86_64/mencoder-1.0-1.rc2.10.3mdv2008.1.x86_64.rpm fa84cc334968489e822ff5eda7e5b310 2008.1/x86_64/mplayer-1.0-1.rc2.10.3mdv2008.1.x86_64.rpm 9b1a8ae19758c90487508e429abf14a3 2008.1/x86_64/mplayer-doc-1.0-1.rc2.10.3mdv2008.1.x86_64.rpm 5348eac886ab0abbfbffc95dfef3a9e4 2008.1/x86_64/mplayer-gui-1.0-1.rc2.10.3mdv2008.1.x86_64.rpm c0033a7acff75a3b0469d04d9dad5a84 2008.1/SRPMS/mplayer-1.0-1.rc2.10.3mdv2008.1.src.rpm
2008.1 i586
4c9e6653d3a609e3b0e12b2a2d782190 2008.1/i586/mencoder-1.0-1.rc2.10.3mdv2008.1.i586.rpm b86bd6f6814f76446e36b3ee6c16a388 2008.1/i586/mplayer-1.0-1.rc2.10.3mdv2008.1.i586.rpm 4d27ac4774ce0a0b88d5ff0717f6e6e2 2008.1/i586/mplayer-doc-1.0-1.rc2.10.3mdv2008.1.i586.rpm edae8ef02bd7511176b17cac685690c6 2008.1/i586/mplayer-gui-1.0-1.rc2.10.3mdv2008.1.i586.rpm c0033a7acff75a3b0469d04d9dad5a84 2008.1/SRPMS/mplayer-1.0-1.rc2.10.3mdv2008.1.src.rpm