Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2006:048: mplayer Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the mplayer package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2006:048 (mplayer).
Multiple integer overflows in (1) the new_demux_packet function in demuxer.h
and (2) the demux_asf_read_packet function in demux_asf.c in MPlayer
1.0pre7try2 and earlier allow remote attackers to execute arbitrary code via an
ASF file with a large packet length value. The updated packages have been
patched to prevent this problem.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:048
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.