Lucene search
GoogleOSV:DSA-1782-1HistoryApr 29, 2009 - 12:00 a.m.
mplayer - arbitrary code execution
2009-04-2900:00:00
Google
osv.dev
17
0.495 Medium
EPSS
Percentile
97.5%
Several vulnerabilities have been discovered in mplayer, a movie player
for Unix-like systems. The Common Vulnerabilities and Exposures project
identifies the following problems:
- CVE-2009-0385
It was discovered that watching a malformed 4X movie file could lead to
the execution of arbitrary code. - CVE-2008-4866
It was discovered that multiple buffer overflows could lead to the
execution of arbitrary code. - CVE-2008-5616
It was discovered that watching a malformed TwinVQ file could lead to
the execution of arbitrary code.
For the oldstable distribution (etch), these problems have been fixed
in version 1.0~rc1-12etch7.
For the stable distribution (lenny), mplayer links against
ffmpeg-debian.
For the testing distribution (squeeze) and the unstable distribution
(sid), mplayer links against ffmpeg-debian.
We recommend that you upgrade your mplayer packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mplayer | eq | 1.0~rc1-12etch | |
| mplayer | eq | 1.0~rc1-12etch1 | |
| mplayer | eq | 1.0~rc1-12etch2 | |
| mplayer | eq | 1.0~rc1-12etch3 | |
| mplayer | eq | 1.0~rc1-12etch5 |
References
Related
debian
debian
[SECURITY] [DSA 1782-1] New mplayer packages fix arbitrary code execution
2009-04-29 07:01:08
openvas
openvas
Debian: Security Advisory (DSA-1782-1)
2009-05-05 00:00:00
Debian Security Advisory DSA 1782-1 (mplayer)
2009-05-05 00:00:00
Mandrake Security Advisory MDVSA-2009:014 (mplayer)
2009-01-20 00:00:00
nessus
nessus
Debian DSA-1782-1 : mplayer - several vulnerabilities
2009-04-30 00:00:00
Mandriva Linux Security Advisory : mplayer (MDVSA-2009:013)
2009-04-23 00:00:00
Mandriva Linux Security Advisory : mplayer (MDVSA-2009:014)
2009-04-23 00:00:00
ubuntu
ubuntu
FFmpeg vulnerabilities
2009-03-16 00:00:00
cve
cve
prion
prion
Buffer overflow
2008-11-01 00:00:00
Integer overflow
2009-02-02 19:30:00
Stack overflow
2008-12-17 01:30:00
ubuntucve
ubuntucve
cvelist
cvelist
nvd
nvd
debiancve
debiancve
seebug
seebug
FFmpeg 4xmζ仢解ζε
εη ΄εζΌζ΄
2009-02-19 00:00:00
checkpoint_advisories
checkpoint_advisories
MPlayer demux_open_vqf TwinVQ File Handling Buffer Overflow (CVE-2008-5616)
2009-12-20 00:00:00
FFmpeg 4xm Processing Memory Corruption (CVE-2009-0385)
2009-11-03 00:00:00
securityvulns
securityvulns
MPlayer buffer overflow
2008-12-15 00:00:00
freebsd
freebsd
mplayer -- twinvq processing buffer overflow vulnerability
2008-12-14 00:00:00
ffmpeg -- 4xm processing memory corruption vulnerability
2009-01-28 00:00:00
libxine -- multiple vulnerabilities
2009-04-04 00:00:00
slackware
slackware
xine-lib
2009-04-07 23:31:21
gentoo
gentoo
FFmpeg: Multiple vulnerabilities
2009-03-19 00:00:00
MPlayer: Multiple vulnerabilities
2009-01-12 00:00:00
osv
osv
ffmpeg ffmpeg-debian - arbitrary code execution
2009-04-29 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: xine-lib-1.1.16.3-1.fc10
2009-04-09 16:08:28
[SECURITY] Fedora 9 Update: xine-lib-1.1.16.3-1.fc9
2009-04-09 16:07:39
