|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200605-01] MPlayer: Heap-based buffer overflow Vulnerability Scan
Vulnerability Scan Summary MPlayer: Heap-based buffer overflow
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200605-01
(MPlayer: Heap-based buffer overflow)
Xfocus Team discovered multiple integer overflows that may lead to
a heap-based buffer overflow.
Impact
A possible hacker could entice a user to play a specially crafted
multimedia file, potentially resulting in the execution of arbitrary
code with the rights of the user running the application.
Workaround
There is no known workaround at this time.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1502
Solution:
All MPlayer users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-video/mplayer-1.0.20060415"
All MPlayer binary users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-video/mplayer-bin-1.0.20060415"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|