MPlayer Multiple CDDB Parsing Buffer Overflow Vulnerabilities
BID:24339
Info
MPlayer Multiple CDDB Parsing Buffer Overflow Vulnerabilities
| Bugtraq ID: | 24339 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-2948 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 06 2007 12:00AM |
| Updated: | Jul 26 2007 10:15PM |
| Credit: | Stefan Cornelius from Secunia Research and Reimar Döffinger reported these issues to the vendor. |
| Vulnerable: |
SuSE Linux Desktop 1.0 MPlayer MPlayer 1.0 -rc1 MPlayer MPlayer 1.0 Gentoo Linux Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0 |
| Not Vulnerable: | |
Discussion
MPlayer Multiple CDDB Parsing Buffer Overflow Vulnerabilities
MPlayer is prone to multiple buffer-overflow vulnerabilities when it attempts to process malformed album and category titles. These issues occur because the application fails to perform proper bounds-checking on user-supplied data before copying it to an insufficiently sized memory buffer.
An attacker may exploit these issues to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.
MPlayer 1.0rc1 is vulnerable to these issues; other versions may also be affected.
MPlayer is prone to multiple buffer-overflow vulnerabilities when it attempts to process malformed album and category titles. These issues occur because the application fails to perform proper bounds-checking on user-supplied data before copying it to an insufficiently sized memory buffer.
An attacker may exploit these issues to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.
MPlayer 1.0rc1 is vulnerable to these issues; other versions may also be affected.
Exploit / POC
MPlayer Multiple CDDB Parsing Buffer Overflow Vulnerabilities
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
MPlayer Multiple CDDB Parsing Buffer Overflow Vulnerabilities
Solution:
The vendor released a patch to address this issue. Please see the references for more information.
Solution:
The vendor released a patch to address this issue. Please see the references for more information.
References
MPlayer Multiple CDDB Parsing Buffer Overflow Vulnerabilities
References:
References:
- Diff of /trunk/stream/stream_cddb.c (MPlayer)
- MPlayer Homepage (MPlayer)