FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mplayer -- twinvq processing buffer overflow vulnerability

Affected packages
mplayer < 0.99.11_9
mplayer-esound < 0.99.11_9
mplayer-gtk < 0.99.11_9
mplayer-gtk-esound < 0.99.11_9
mplayer-gtk2 < 0.99.11_9
mplayer-gtk2-esound < 0.99.11_9

Details

VuXML ID 7c5bd5b8-d652-11dd-a765-0030843d3802
Discovery 2008-12-14
Entry 2008-12-30

A trapkit reports:

MPlayer contains a stack buffer overflow vulnerability while parsing malformed TwinVQ media files. The vulnerability may be exploited by a (remote) attacker to execute arbitrary code in the context of MPlayer.

References

CVE Name CVE-2008-5616
URL http://secunia.com/advisories/33136/
URL http://trapkit.de/advisories/TKADV2008-014.txt