GLSA 200403-13: Remote buffer overflow in MPlayer
Posted on: 03/31/2004 09:03 AM

A MPlayer update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200403-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Remote buffer overflow in MPlayer
Date: March 31, 2004
Bugs: #46246
ID: 200403-13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

MPlayer contains a remotely exploitable buffer overflow in the HTTP parser that may allow attackers to run arbitrary code on a user's computer.

Background
=========

Quote from http://mplayerhq.hu

"MPlayer is a movie player for LINUX (runs on many other Unices, and non-x86 CPUs, see the documentation). It plays most MPEG, VOB, AVI, OGG/OGM, VIVO, ASF/WMA/WMV, QT/MOV/MP4, FLI, RM, NuppelVideo, YUV4MPEG, FILM, RoQ, PVA files, supported by many native, XAnim, and Win32 DLL codecs. You can watch VideoCD, SVCD, DVD, 3ivx, DivX 3/4/5 and even WMV
movies, too."

Affected packages
================

-------------------------------------------------------------------
Package/ Vulnerable / Unaffected
-------------------------------------------------------------------
mplayer <= 0.92 >= 0.92-r1
mplayer <= mplayer-1.0_pre2 >= mplayer-1.0_pre2-r1
mplayer <= mplayer-1.0_pre3 >= mplayer-1.0_pre3-r3

Description
==========

A vulnerability exists in the MPlayer HTTP parser which may allow an attacker to craft a special HTTP header ("Location:") which will trick MPlayer into executing arbitrary code on the user's computer.

Impact
=====

An attacker without privileges may exploit this vulnerability remotely, allowing arbitrary code to be executed in order to gain unauthorized access.

Workaround
=========

A workaround is not currently known for this issue. All users are advised to upgrade to the latest version of the affected package.

Resolution
=========

MPlayer may be upgraded as follows:

x86 and sparc:

# emerge sync

# emerge -pv ">=media-video/mplayer-0.92-r1"
# emerge ">=media-video/mplayer-0.92-r1"

amd64:

# emerge sync

# emerge -pv ">=media-video/mplayer-1.0_pre2-r1"
# emerge ">=media-video/mplayer-1.0_pre2-r1"

ppc:

# emerge sync

# emerge -pv ">=media-video/mplayer-1.0_pre3-r2"
# emerge ">=media-video/mplayer-1.0_pre3-r2"

References
=========

[ 1 ] http://www.mplayerhq.hu/homepage/design6/news.html

Concerns?
========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.


Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/glsa_200403_13_remote_buffer_overflow_in_mplayer.html)