FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-1246

This CVE name corresponds to:

Entered Topic
2007-03-09 mplayer -- DMO File Parsing Buffer Overflow Vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2007-1246 at cve.mitre.org

Details

Type Candidate
Name CVE-2007-1246
Phase Assigned(20070303)

Description

The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1387.

References

Source Reference
FULLDISC 20070301 MPlayer DMO buffer overflow
MISC http://svn.mplayerhq.hu/mplayer/trunk/loader/dmo/DMO_VideoDecoder.c?r1=22019&r2=22204
CONFIRM http://svn.mplayerhq.hu/mplayer/trunk/loader/dmo/DMO_VideoDecoder.c
DEBIAN DSA-1536
GENTOO GLSA-200704-09
GENTOO GLSA-200705-21
MANDRIVA MDKSA-2007:055
MANDRIVA MDKSA-2007:057
SLACKWARE SSA:2007-109-02
SUSE SUSE-SR:2007:005
SUSE SUSE-SR:2007:007
UBUNTU USN-433-1
BID 22771
FRSIRT ADV-2007-0794
SECUNIA 24448
SECUNIA 24462
SECUNIA 24444
SECUNIA 24446
SECUNIA 24897
SECUNIA 24995
SECUNIA 24866
SECUNIA 25462
SECUNIA 24443
SECUNIA 29601
XF mplayer-dmovideodecoder-bo(32747)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.