Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 251277 (CVE-2008-5616)

Summary: media-video/mplayer < 1.0_rc2_r28150 demux_vqf.c buffer overflow (CVE-2008-5616)
Product: Gentoo Security Reporter: stupendoussteve
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE    
Severity: major CC: media-video
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5616
Whiteboard: A2 [ebuild]
Package list:
Runtime testing required: ---

Description stupendoussteve 2008-12-17 03:00:01 UTC 
Stack-based buffer overflow in the demux_open_vqf function in
libmpdemux/demux_vqf.c in MPlayer 1.0 rc2 before r28150 allows remote
attackers to execute arbitrary code via a malformed TwinVQ file.

Original advisory: http://trapkit.de/advisories/TKADV2008-014.txt

Reproducible: Always
Comment 1 stupendoussteve 2008-12-17 03:09:01 UTC 

*** This bug has been marked as a duplicate of bug 251017 ***