FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2006-1502

This CVE name corresponds to:

Entered Topic
2006-04-07 mplayer -- Multiple integer overflows

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2006-1502
Phase Assigned(20060329)

Description

Multiple integer overflows in MPlayer 1.0pre7try2 allow remote attackers to cause a denial of service and trigger heap-based buffer overflows via (1) a certain ASF file handled by asfheader.c that causes the asf_descrambling function to be passed a negative integer after the conversion from a char to an int or (2) an AVI file with a crafted wLongsPerEntry or nEntriesInUse value in the indx chunk, which is handled in aviheader.c.

References

Source Reference
FULLDISC 20060329 [xfocus-SD-060329]MPlayer: Multiple integer overflows
BUGTRAQ 20060329 [xfocus-SD-060329]MPlayer: Multiple integer overflows
MISC http://www.xfocus.org/advisories/200603/11.html
GENTOO GLSA-200605-01
MANDRIVA MDKSA-2006:068
BID 17295
VUPEN ADV-2006-1156
OSVDB 24246
OSVDB 24247
SECTRACK 1015842
SECUNIA 19418
SECUNIA 19565
SECUNIA 19919
SREASON 532
SREASON 647
XF mplayer-asfheader-integer-overflow(25513)
XF mplayer-aviheader-integer-overflow(25514)