The bugreport on mplayerhq is dated to 2004.03.30 see URL Reproducible: Always Steps to Reproduce: 1. 2. 3.
media-video herd -- please review/comment/patch as appropriate.
more info: http://www.mplayerhq.hu/homepage/design6/news.html 2004.03.30, Tuesday :: Exploitable remote buffer overflow vulnerability in the HTTP parser posted by Gabucino Severity: HIGH (if playing HTTP streaming content) LOW (if playing only normal files) Description: A remotely exploitable buffer overflow vulnerability was found in MPlayer. A malicious host can craft a harmful HTTP header ("Location:"), and trick MPlayer into executing arbitrary code upon parsing that header. MPlayer versions affected: MPlayer 0.90pre series MPlayer 0.90rc series MPlayer 0.90 MPlayer 0.91 MPlayer 1.0pre1 MPlayer 1.0pre2 MPlayer 1.0pre3 MPlayer versions unaffected: MPlayer releases before 0.60pre1 MPlayer 0.92.1 MPlayer 1.0pre3try2 MPlayer 0_92 CVS MPlayer HEAD CVS ... Patch availability: A patch is available for all vulnerable versions here. http://www.mplayerhq.hu/MPlayer/patches/vuln02-fix.diff
Someone who was afraid to comment on this bug :-) gave the following links: http://seclists.org/lists/bugtraq/2004/Mar/0323.html http://seclists.org/lists/bugtraq/2004/Mar/0326.html
Patrick -- can you please re-assign this back to security@gentoo.org once you've got things patched? Otherwise, we risk losing track of it. Thanks.
AMD64, PPC: please test mplayer-1.0_pre3-r5 and mark stable
ignore my previous testing request. I didn't properly understand how Patrick patched things. GLSA forthcoming.
GLSA 200403-13
*** Bug 46346 has been marked as a duplicate of this bug. ***
*** Bug 46864 has been marked as a duplicate of this bug. ***
