Package name
mplayer
Date
2007-06-04
Advisory ID
MDKSA-2007:112
Affected versions
2007.0 x86_64 , 2007.1 i586 , 2007.0 i586 , CS3.0 x86_64 , CS3.0 i586 , 2007.1 x86_64

Problem description

Buffer overflow in the asmrp_eval function for the Real Media input
plugin allows remote attackers to cause a denial of service and
possibly execute arbitrary code via a rulebook with a large number
of rulematches.

Updated packages have been patched to correct this issue.

Updated packages

2007.0 x86_64

 7db8e08bbc3a2a7780b9cb6172372966  2007.0/x86_64/mencoder-1.0-1.pre8.13.3mdv2007.0.x86_64.rpm
 5b94344377c17fc27cc6387c1f8d56dc  2007.0/x86_64/mplayer-1.0-1.pre8.13.3mdv2007.0.x86_64.rpm
 ec5d71b9b1ab30deb6fe717a4361c7ed  2007.0/x86_64/mplayer-gui-1.0-1.pre8.13.3mdv2007.0.x86_64.rpm 
 77b7d6c6bcaeabeacffc1a67b11783e3  2007.0/SRPMS/mplayer-1.0-1.pre8.13.3mdv2007.0.src.rpm

2007.1 i586

 e35f5cf2df21511dc7c1b8b5d95a4936  2007.1/i586/libdha1.0-1.0-1.rc1.11.1mdv2007.1.i586.rpm
 da4702585498a73d5697e55a5e08f834  2007.1/i586/mencoder-1.0-1.rc1.11.1mdv2007.1.i586.rpm
 22be41581519dc8d8e6e1a28472fe35d  2007.1/i586/mplayer-1.0-1.rc1.11.1mdv2007.1.i586.rpm
 76bd7950cd1790bbf3caeaa3de75202a  2007.1/i586/mplayer-doc-1.0-1.rc1.11.1mdv2007.1.i586.rpm
 48cc118f6e33ddc1db7268b7a4436c51  2007.1/i586/mplayer-gui-1.0-1.rc1.11.1mdv2007.1.i586.rpm 
 f6328948547b7dcb4c085ce1e959986f  2007.1/SRPMS/mplayer-1.0-1.rc1.11.1mdv2007.1.src.rpm

2007.0 i586

 830fb73b1b7ef7bce6f6f21a44d9e89f  2007.0/i586/libdha1.0-1.0-1.pre8.13.3mdv2007.0.i586.rpm
 0235e5abe7ff905ccbe2623876946915  2007.0/i586/mencoder-1.0-1.pre8.13.3mdv2007.0.i586.rpm
 54faca2a832a87403e4ac4f02b719d9e  2007.0/i586/mplayer-1.0-1.pre8.13.3mdv2007.0.i586.rpm
 3adef91daba9c23859a411e6e7fed99d  2007.0/i586/mplayer-gui-1.0-1.pre8.13.3mdv2007.0.i586.rpm 
 77b7d6c6bcaeabeacffc1a67b11783e3  2007.0/SRPMS/mplayer-1.0-1.pre8.13.3mdv2007.0.src.rpm

CS3.0 x86_64

 5703a3b6ccd14cd700762f63b9da58ca  corporate/3.0/x86_64/lib64postproc0-1.0-0.pre3.14.11.C30mdk.x86_64.rpm
 16152708c55cd45a374398cb1b0aff1a  corporate/3.0/x86_64/lib64postproc0-devel-1.0-0.pre3.14.11.C30mdk.x86_64.rpm
 2fc00f3155f4f51875b66ae27207c275  corporate/3.0/x86_64/mplayer-1.0-0.pre3.14.11.C30mdk.x86_64.rpm
 152fbb089a239522190c7ec6d1720c46  corporate/3.0/x86_64/mplayer-gui-1.0-0.pre3.14.11.C30mdk.x86_64.rpm 
 228c3d1cfdc176ce0ca36af225a15683  corporate/3.0/SRPMS/mplayer-1.0-0.pre3.14.11.C30mdk.src.rpm

CS3.0 i586

 f1b7f04506edd2f048821aa868f312b0  corporate/3.0/i586/libdha0.1-1.0-0.pre3.14.11.C30mdk.i586.rpm
 4250be5ebe5ccae0f1233343699aa3a9  corporate/3.0/i586/libpostproc0-1.0-0.pre3.14.11.C30mdk.i586.rpm
 9c2ee76860184398988a33347d591fd2  corporate/3.0/i586/libpostproc0-devel-1.0-0.pre3.14.11.C30mdk.i586.rpm
 5d1d7efad438f4c645a9124b6c5a2ac8  corporate/3.0/i586/mencoder-1.0-0.pre3.14.11.C30mdk.i586.rpm
 fdd5ab4e3aefef7ea1f42c2bbf48d860  corporate/3.0/i586/mplayer-1.0-0.pre3.14.11.C30mdk.i586.rpm
 b493e323ce7e94c5728cc2a373c40fc5  corporate/3.0/i586/mplayer-gui-1.0-0.pre3.14.11.C30mdk.i586.rpm 
 228c3d1cfdc176ce0ca36af225a15683  corporate/3.0/SRPMS/mplayer-1.0-0.pre3.14.11.C30mdk.src.rpm

2007.1 x86_64

 780ef1ea825746d89c0ad855920383fe  2007.1/x86_64/mencoder-1.0-1.rc1.11.1mdv2007.1.x86_64.rpm
 1d338368b9c85ba5b537eab6d7458e26  2007.1/x86_64/mplayer-1.0-1.rc1.11.1mdv2007.1.x86_64.rpm
 274d7330781b618dcf413fda2231615f  2007.1/x86_64/mplayer-doc-1.0-1.rc1.11.1mdv2007.1.x86_64.rpm
 955284559324b44e9e6ddbf60c682d68  2007.1/x86_64/mplayer-gui-1.0-1.rc1.11.1mdv2007.1.x86_64.rpm 
 f6328948547b7dcb4c085ce1e959986f  2007.1/SRPMS/mplayer-1.0-1.rc1.11.1mdv2007.1.src.rpm

References