MPlayer 'stream_read' Function Remote Heap Based Buffer Overflow Vulnerability

MPlayer is prone to a remote heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input before copying it to an insufficiently sized buffer.

Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

MPlayer 1.0 rc2 is vulnerable; prior versions are also affected.


Privacy Statement
Copyright 2010, SecurityFocus