MPlayer And Xine PNM_Get_Chunk Multiple Remote Client-Side Buffer Overflow Vulnerabilities
BID:12076
Info
MPlayer And Xine PNM_Get_Chunk Multiple Remote Client-Side Buffer Overflow Vulnerabilities
| Bugtraq ID: | 12076 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2004-1188 CVE-2004-1187 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 21 2004 12:00AM |
| Updated: | Jul 12 2009 09:26AM |
| Credit: | The individual that discovered these vulnerabilities wishes to remain anonymous. |
| Vulnerable: |
xine xine-lib 0.99 xine xine-lib 0.9.13 xine xine-lib 0.9.8 xine xine-lib 1-rc8 xine xine-lib 1-rc7 xine xine-lib 1-rc6a xine xine-lib 1-rc6 xine xine-lib 1-rc5 xine xine-lib 1-rc4 xine xine-lib 1-rc3c xine xine-lib 1-rc3b xine xine-lib 1-rc3a xine xine-lib 1-rc3 xine xine-lib 1-rc2 xine xine-lib 1-rc1 xine xine-lib 1-rc0 xine xine-lib 1-beta9 xine xine-lib 1-beta8 xine xine-lib 1-beta7 xine xine-lib 1-beta6 xine xine-lib 1-beta5 xine xine-lib 1-beta4 xine xine-lib 1-beta3 xine xine-lib 1-beta2 xine xine-lib 1-beta12 xine xine-lib 1-beta11 xine xine-lib 1-beta10 xine xine-lib 1-beta1 xine xine-lib 1-alpha xine xine 0.9.18 xine xine 0.9.13 xine xine 0.9.8 xine xine 1-rc8 xine xine 1-rc7 xine xine 1-rc6a xine xine 1-rc6 xine xine 1-rc5 xine xine 1-rc4 xine xine 1-rc3b xine xine 1-rc3a xine xine 1-rc3 xine xine 1-rc2 xine xine 1-rc1 xine xine 1-rc1 xine xine 1-rc0a xine xine 1-rc0 xine xine 1-beta9 xine xine 1-beta8 xine xine 1-beta7 xine xine 1-beta6 xine xine 1-beta5 xine xine 1-beta4 xine xine 1-beta3 xine xine 1-beta2 xine xine 1-beta12 xine xine 1-beta11 xine xine 1-beta10 xine xine 1-beta1 xine xine 1-alpha Turbolinux Turbolinux Desktop 10.0 Turbolinux Home S.u.S.E. Linux Personal 9.2 S.u.S.E. Linux Personal 9.1 S.u.S.E. Linux Personal 9.0 x86_64 S.u.S.E. Linux Personal 9.0 S.u.S.E. Linux Personal 8.2 MPlayer MPlayer 1.0 pre5try2 MPlayer MPlayer 1.0 pre5try1 MPlayer MPlayer 1.0 pre5 MPlayer MPlayer 1.0 pre4 MPlayer MPlayer 1.0 pre3try2 MPlayer MPlayer 1.0 pre3 MPlayer MPlayer 1.0 pre2 MPlayer MPlayer 1.0 pre1 MPlayer MPlayer 0.92.1 MPlayer MPlayer 0.92 MPlayer MPlayer 0.91 MPlayer MPlayer 0.90 rc series MPlayer MPlayer 0.90 pre series MPlayer MPlayer 0.90 MPlayer MPlayer 0.9 0rc4 MPlayer MPlayer HEAD CVS MPlayer MPlayer 0_92 CVS Mandriva Linux Mandrake 10.1 x86_64 Mandriva Linux Mandrake 10.1 Mandriva Linux Mandrake 10.0 AMD64 Mandriva Linux Mandrake 10.0 |
| Not Vulnerable: |
xine xine 1-rc8 |
Discussion
MPlayer And Xine PNM_Get_Chunk Multiple Remote Client-Side Buffer Overflow Vulnerabilities
Multiple buffer overflow vulnerabilities are reported to exist in the xine and MPlayer utilities. The following issues are reported:
Several buffer overflow vulnerabilities are reported to exist in the 'pnm_get_chunk()' function.
Reports indicate that the vulnerabilities present themselves in the RMF_TAG, DATA_TAG, PROP_TAG, MDPR_TAG and CONT_TAG handling code of 'pnm_get_chunk()'.
A remote attacker may potentially leverage this memory corruption to execute arbitrary code in the context of a user that uses the vulnerable utility to connect to a malicious PNM server.
An additional buffer overflow vulnerability is reported to exist in the PNA_TAG handling code of the 'pnm_get_chunk()' function.
It is reported that supplied PNA_TAG data is copied into a finite buffer without sufficient boundary checks. This results in memory corruption. A remote attacker may potentially leverage this memory corruption to execute arbitrary code in the context of a user that uses the vulnerable utility to connect to a malicious PNM server.
Multiple buffer overflow vulnerabilities are reported to exist in the xine and MPlayer utilities. The following issues are reported:
Several buffer overflow vulnerabilities are reported to exist in the 'pnm_get_chunk()' function.
Reports indicate that the vulnerabilities present themselves in the RMF_TAG, DATA_TAG, PROP_TAG, MDPR_TAG and CONT_TAG handling code of 'pnm_get_chunk()'.
A remote attacker may potentially leverage this memory corruption to execute arbitrary code in the context of a user that uses the vulnerable utility to connect to a malicious PNM server.
An additional buffer overflow vulnerability is reported to exist in the PNA_TAG handling code of the 'pnm_get_chunk()' function.
It is reported that supplied PNA_TAG data is copied into a finite buffer without sufficient boundary checks. This results in memory corruption. A remote attacker may potentially leverage this memory corruption to execute arbitrary code in the context of a user that uses the vulnerable utility to connect to a malicious PNM server.
Exploit / POC
MPlayer And Xine PNM_Get_Chunk Multiple Remote Client-Side Buffer Overflow Vulnerabilities
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
MPlayer And Xine PNM_Get_Chunk Multiple Remote Client-Side Buffer Overflow Vulnerabilities
Solution:
xine-lib 1-rc8 has been released dealing with this issue.
Turbolinux has released a security announcement (TLSA- 24022005) and fixes to address these and other vulnerabilities. Customers are advised to peruse the referenced advisory for further information regarding obtaining and applying appropriate updates.
Mandrake Linux has released an advisory (MDKSA-2004:157) along with fixes dealing with this issue. Please see the referenced advisory for more information.
Conectiva has released an advisory CLA-2005:910 to address various issues in MPlayer. Please see the referenced advisory for more information.
Gentoo has released an advisory GLSA 200501-07 to address various issues in xine-lib. Gentoo users may carry out the following commands to update their systems:
emerge --sync
emerge --ask --oneshot --verbose media-libs/xine-lib
Please see the referenced advisory for more information.
Mandrake has released an advisory MDKSA-2005:011 to address various issues in xine-lib. Please see the referenced advisory for more information.
SuSE Linux has released a security summary report (SUSE-SR:2005:002) that contains fixes to address this and other vulnerabilities. Customers are advised to peruse the referenced advisory for further information regarding obtaining and applying appropriate updates.
xine xine-lib 1-rc2
xine xine-lib 1-rc5
xine xine 1-rc3
xine xine-lib 1-rc3
xine xine-lib 1-rc0
xine xine 1-rc0a
xine xine 1-rc5
xine xine-lib 1-rc6
xine xine-lib 1-rc6a
xine xine-lib 1-rc3a
xine xine-lib 1-rc3b
xine xine-lib 1-rc1
xine xine-lib 1-rc7
xine xine-lib 1-rc4
xine xine-lib 1-rc3c
MPlayer MPlayer 0.92
MPlayer MPlayer 1.0 pre3
MPlayer MPlayer 1.0 pre4
MPlayer MPlayer 1.0 pre5
Solution:
xine-lib 1-rc8 has been released dealing with this issue.
Turbolinux has released a security announcement (TLSA- 24022005) and fixes to address these and other vulnerabilities. Customers are advised to peruse the referenced advisory for further information regarding obtaining and applying appropriate updates.
Mandrake Linux has released an advisory (MDKSA-2004:157) along with fixes dealing with this issue. Please see the referenced advisory for more information.
Conectiva has released an advisory CLA-2005:910 to address various issues in MPlayer. Please see the referenced advisory for more information.
Gentoo has released an advisory GLSA 200501-07 to address various issues in xine-lib. Gentoo users may carry out the following commands to update their systems:
emerge --sync
emerge --ask --oneshot --verbose media-libs/xine-lib
Please see the referenced advisory for more information.
Mandrake has released an advisory MDKSA-2005:011 to address various issues in xine-lib. Please see the referenced advisory for more information.
SuSE Linux has released a security summary report (SUSE-SR:2005:002) that contains fixes to address this and other vulnerabilities. Customers are advised to peruse the referenced advisory for further information regarding obtaining and applying appropriate updates.
xine xine-lib 1-rc2
-
xine xine-lib-1-rc8.tar.gz
http://prdownloads.sourceforge.net/xine/xine-lib-1-rc8.tar.gz
xine xine-lib 1-rc5
-
Mandrake lib64xine1-1-0.rc5.9.1.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake lib64xine1-devel-1-0.rc5.9.1.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libxine1-1-0.rc5.9.1.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libxine1-devel-1-0.rc5.9.1.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-aa-1-0.rc5.9.1.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-aa-1-0.rc5.9.1.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-arts-1-0.rc5.9.1.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-arts-1-0.rc5.9.1.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-dxr3-1-0.rc5.9.1.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-dxr3-1-0.rc5.9.1.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-esd-1-0.rc5.9.1.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-esd-1-0.rc5.9.1.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-flac-1-0.rc5.9.1.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-flac-1-0.rc5.9.1.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-gnomevfs-1-0.rc5.9.1.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-gnomevfs-1-0.rc5.9.1.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-plugins-1-0.rc5.9.1.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-plugins-1-0.rc5.9.1.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
xine xine-lib-1-rc8.tar.gz
http://prdownloads.sourceforge.net/xine/xine-lib-1-rc8.tar.gz
xine xine 1-rc3
-
Mandrake lib64xine1-1-0.rc3.6.3.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake lib64xine1-devel-1-0.rc3.6.3.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libxine1-1-0.rc3.6.3.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libxine1-devel-1-0.rc3.6.3.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-aa-1-0.rc3.6.3.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-aa-1-0.rc3.6.3.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-arts-1-0.rc3.6.3.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-arts-1-0.rc3.6.3.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-dxr3-1-0.rc3.6.3.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-esd-1-0.rc3.6.3.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-esd-1-0.rc3.6.3.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-flac-1-0.rc3.6.3.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-flac-1-0.rc3.6.3.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-gnomevfs-1-0.rc3.6.3.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-gnomevfs-1-0.rc3.6.3.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-plugins-1-0.rc3.6.3.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-plugins-1-0.rc3.6.3.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php
xine xine-lib 1-rc3
-
Mandrake lib64xine1-1-0.rc3.6.3.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake lib64xine1-devel-1-0.rc3.6.3.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libxine1-1-0.rc3.6.3.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libxine1-devel-1-0.rc3.6.3.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-aa-1-0.rc3.6.3.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-aa-1-0.rc3.6.3.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-arts-1-0.rc3.6.3.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-arts-1-0.rc3.6.3.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-dxr3-1-0.rc3.6.3.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-esd-1-0.rc3.6.3.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-esd-1-0.rc3.6.3.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-flac-1-0.rc3.6.3.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-flac-1-0.rc3.6.3.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-gnomevfs-1-0.rc3.6.3.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-gnomevfs-1-0.rc3.6.3.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-plugins-1-0.rc3.6.3.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-plugins-1-0.rc3.6.3.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
xine xine-lib-1-rc8.tar.gz
http://prdownloads.sourceforge.net/xine/xine-lib-1-rc8.tar.gz
xine xine-lib 1-rc0
-
xine xine-lib-1-rc8.tar.gz
http://prdownloads.sourceforge.net/xine/xine-lib-1-rc8.tar.gz
xine xine 1-rc0a
-
TurboLinux xine-lib-1rc3c-12.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/xine-lib-1rc3c-12.i586.rpm -
TurboLinux xine-lib-devel-1rc3c-12.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/xine-lib-devel-1rc3c-12.i586.rpm -
TurboLinux xine-lib-wmf-1rc3c-12.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/u pdates/RPMS/xine-lib-wmf-1rc3c-12.i586.rpm
xine xine 1-rc5
-
Mandrake lib64xine1-1-0.rc5.9.1.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake lib64xine1-devel-1-0.rc5.9.1.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libxine1-1-0.rc5.9.1.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libxine1-devel-1-0.rc5.9.1.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-aa-1-0.rc5.9.1.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-aa-1-0.rc5.9.1.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-arts-1-0.rc5.9.1.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-arts-1-0.rc5.9.1.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-dxr3-1-0.rc5.9.1.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-dxr3-1-0.rc5.9.1.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-esd-1-0.rc5.9.1.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-esd-1-0.rc5.9.1.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-flac-1-0.rc5.9.1.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-flac-1-0.rc5.9.1.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-gnomevfs-1-0.rc5.9.1.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-gnomevfs-1-0.rc5.9.1.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-plugins-1-0.rc5.9.1.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake xine-plugins-1-0.rc5.9.1.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php
xine xine-lib 1-rc6
-
xine xine-lib-1-rc8.tar.gz
http://prdownloads.sourceforge.net/xine/xine-lib-1-rc8.tar.gz
xine xine-lib 1-rc6a
-
xine xine-lib-1-rc8.tar.gz
http://prdownloads.sourceforge.net/xine/xine-lib-1-rc8.tar.gz
xine xine-lib 1-rc3a
-
xine xine-lib-1-rc8.tar.gz
http://prdownloads.sourceforge.net/xine/xine-lib-1-rc8.tar.gz
xine xine-lib 1-rc3b
-
xine xine-lib-1-rc8.tar.gz
http://prdownloads.sourceforge.net/xine/xine-lib-1-rc8.tar.gz
xine xine-lib 1-rc1
-
xine xine-lib-1-rc8.tar.gz
http://prdownloads.sourceforge.net/xine/xine-lib-1-rc8.tar.gz
xine xine-lib 1-rc7
-
xine xine-lib-1-rc8.tar.gz
http://prdownloads.sourceforge.net/xine/xine-lib-1-rc8.tar.gz
xine xine-lib 1-rc4
-
xine xine-lib-1-rc8.tar.gz
http://prdownloads.sourceforge.net/xine/xine-lib-1-rc8.tar.gz
xine xine-lib 1-rc3c
-
xine xine-lib-1-rc8.tar.gz
http://prdownloads.sourceforge.net/xine/xine-lib-1-rc8.tar.gz
MPlayer MPlayer 0.92
-
Conectiva mplayer-0.92-28594U90_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/mplayer-0.92-28594U90_2cl.i 386.rpm -
Conectiva mplayer-doc-0.92-28594U90_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/mplayer-doc-0.92-28594U90_2 cl.i386.rpm
MPlayer MPlayer 1.0 pre3
-
Mandrake lib64postproc0-1.0-0.pre3.14.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake lib64postproc0-devel-1.0-0.pre3.14.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libdha0.1-1.0-0.pre3.14.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libpostproc0-1.0-0.pre3.14.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libpostproc0-devel-1.0-0.pre3.14.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake mencoder-1.0-0.pre3.14.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake mencoder-1.0-0.pre3.14.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake mplayer-1.0-0.pre3.14.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake mplayer-1.0-0.pre3.14.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php -
Mandrake mplayer-gui-1.0-0.pre3.14.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake mplayer-gui-1.0-0.pre3.14.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php
MPlayer MPlayer 1.0 pre4
-
Conectiva mplayer-1.0pre6-73507U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/mplayer-1.0pre6-73507U10_2 cl.i386.rpm -
Conectiva mplayer-doc-1.0pre6-73507U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/mplayer-doc-1.0pre6-73507U 10_2cl.i386.rpm -
Conectiva mplayer-skins-1.0pre6-73507U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/mplayer-skins-1.0pre6-7350 7U10_2cl.i386.rpm
MPlayer MPlayer 1.0 pre5
-
Mandrake libdha1.0-1.0-0.pre5.7.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libdha1.0-1.0-0.pre5.7.101mdk.i586.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libpostproc0-1.0-0.pre5.7.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libpostproc0-1.0-0.pre5.7.101mdk.i586.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libpostproc0-devel-1.0-0.pre5.7.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake libpostproc0-devel-1.0-0.pre5.7.101mdk.i586.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake mencoder-1.0-0.pre5.7.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake mencoder-1.0-0.pre5.7.101mdk.i586.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake mplayer-1.0-0.pre5.7.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake mplayer-1.0-0.pre5.7.101mdk.i586.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php -
Mandrake mplayer-gui-1.0-0.pre5.7.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php -
Mandrake mplayer-gui-1.0-0.pre5.7.101mdk.i586.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php
References
MPlayer And Xine PNM_Get_Chunk Multiple Remote Client-Side Buffer Overflow Vulnerabilities
References:
References:
- MPlayer Homepage (MPlayer)
- xine 1-rc8 Change Log (xine)
- xine Homepage (xine)
- iDEFENSE Security Advisory 12.21.04: Multiple Vendor Xine version 0.99.2 PNM Han ("customer service mailbox"
) - iDEFENSE Security Advisory 12.21.04: Multiple Vendor Xine version 0.99.2 PNM Han ("customer service mailbox"
)