FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mplayer -- DMO File Parsing Buffer Overflow Vulnerability

Affected packages
mplayer < 0.99.10_5
mplayer-esound < 0.99.10_5
mplayer-gtk < 0.99.10_5
mplayer-gtk-esound < 0.99.10_5
mplayer-gtk2 < 0.99.10_5
mplayer-gtk2-esound < 0.99.10_5


VuXML ID abeb9b64-ce50-11db-bc24-0016179b2dd5
Discovery 2007-02-11
Entry 2007-03-09

"Moritz Jodeit reports:

There's an exploitable buffer overflow in the current version of MPlayer (v1.0rc1) which can be exploited with a maliciously crafted video file. It is hidden in the DMO_VideoDecoder() function of `loader/dmo/DMO_VideoDecoder.c' file.


Bugtraq ID 22771
CVE Name CVE-2007-1246