Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200504-19] MPlayer: Two heap overflow vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
MPlayer: Two heap overflow vulnerabilities
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200504-19
(MPlayer: Two heap overflow vulnerabilities)
Heap overflows have been found in the code handling RealMedia RTSP
and Microsoft Media Services streams over TCP (MMST).
By setting up a malicious server and enticing a user to use its
streaming data, a remote attacker could possibly execute arbitrary code
on the client computer with the permissions of the user running
There is no known workaround at this time.
All MPlayer users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-video/mplayer-1.0_pre6-r4"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.