Nom du paquet
mplayer
Date
2007-03-08
Advisory ID
MDKSA-2007:055
Affected versions
CS3.0 i586 , CS3.0 x86_64 , 2007.0 x86_64 , 2007.0 i586

Problem description

The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c
in MPlayer 1.0rc1 and earlier does not set the biSize before use in a
memcpy, which allows user-assisted remote attackers to cause a buffer
overflow and possibly execute arbitrary code.

Updated packages have been patched to address this issue.

Updated packages

CS3.0 i586

 c856e0fc1743cd8f623d7ee8f9e6ffe3  corporate/3.0/i586/libdha0.1-1.0-0.pre3.14.9.C30mdk.i586.rpm
 1350f9e69fd481e17b707a94fb1bc74a  corporate/3.0/i586/libpostproc0-1.0-0.pre3.14.9.C30mdk.i586.rpm
 98d7ca9b74490afb20c44efe098761fa  corporate/3.0/i586/libpostproc0-devel-1.0-0.pre3.14.9.C30mdk.i586.rpm
 536f8ad600598e2cffce436c1c0e695f  corporate/3.0/i586/mencoder-1.0-0.pre3.14.9.C30mdk.i586.rpm
 208ea2e10312f1cba5989ecbf43956f3  corporate/3.0/i586/mplayer-1.0-0.pre3.14.9.C30mdk.i586.rpm
 1ff79a1c5e08b898a14010305797893c  corporate/3.0/i586/mplayer-gui-1.0-0.pre3.14.9.C30mdk.i586.rpm 
 20150c93e21037f29585075932eb7ef0  corporate/3.0/SRPMS/mplayer-1.0-0.pre3.14.9.C30mdk.src.rpm

CS3.0 x86_64

 823d5b19da1feead69cb245cbea24ec3  corporate/3.0/x86_64/lib64postproc0-1.0-0.pre3.14.9.C30mdk.x86_64.rpm
 b4839689ed4d7fd56198b266a913eda6  corporate/3.0/x86_64/lib64postproc0-devel-1.0-0.pre3.14.9.C30mdk.x86_64.rpm
 f522ed8f9e28c712af8820a21635a387  corporate/3.0/x86_64/mencoder-1.0-0.pre3.14.9.C30mdk.x86_64.rpm
 91bb9c93d8d71e8978a0dfc9ba5f7b6e  corporate/3.0/x86_64/mplayer-1.0-0.pre3.14.9.C30mdk.x86_64.rpm
 10196940030f359d04c345e55c8c98fb  corporate/3.0/x86_64/mplayer-gui-1.0-0.pre3.14.9.C30mdk.x86_64.rpm 
 20150c93e21037f29585075932eb7ef0  corporate/3.0/SRPMS/mplayer-1.0-0.pre3.14.9.C30mdk.src.rpm

2007.0 x86_64

 3ccbf6766332228912f9ca86673ee082  2007.0/x86_64/mencoder-1.0-1.pre8.13.1mdv2007.0.x86_64.rpm
 d5544ee7ba584ad39c78221947d9f763  2007.0/x86_64/mplayer-1.0-1.pre8.13.1mdv2007.0.x86_64.rpm
 7485610e6dae090636fb34c7c41c9343  2007.0/x86_64/mplayer-gui-1.0-1.pre8.13.1mdv2007.0.x86_64.rpm 
 e90776605fb7d8b2c6c9845431dff696  2007.0/SRPMS/mplayer-1.0-1.pre8.13.1mdv2007.0.src.rpm

2007.0 i586

 c79b106f66ef06c04a656adbd2dd5caa  2007.0/i586/libdha1.0-1.0-1.pre8.13.1mdv2007.0.i586.rpm
 5a596579a15d7092b559bbbd6c319167  2007.0/i586/mencoder-1.0-1.pre8.13.1mdv2007.0.i586.rpm
 dd6293fb4f03bd361932e385d07f8918  2007.0/i586/mplayer-1.0-1.pre8.13.1mdv2007.0.i586.rpm
 0b7a8a5af99b3a3975a3f0f9e0b5c70a  2007.0/i586/mplayer-gui-1.0-1.pre8.13.1mdv2007.0.i586.rpm 
 e90776605fb7d8b2c6c9845431dff696  2007.0/SRPMS/mplayer-1.0-1.pre8.13.1mdv2007.0.src.rpm

References