This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200901-07
(MPlayer: Multiple vulnerabilities)
Multiple vulnerabilities have been reported in MPlayer:
stack-based buffer overflow was found in the str_read_packet() function
in libavformat/psxstr.c when processing crafted STR files that
interleave audio and video sectors (CVE-2008-3162).
Andres Manzano reported multiple integer underflows in the
demux_real_fill_buffer() function in demux_real.c when processing
crafted Real Media files that cause the stream_read() function to read
or write arbitrary memory (CVE-2008-3827).
reported a stack-based buffer overflow in the demux_open_vqf() function
in libmpdemux/demux_vqf.c when processing malformed TwinVQ files
A remote attacker could entice a user to open a specially crafted STR,
Real Media, or TwinVQ file to execute arbitrary code or cause a Denial of
There is no known workaround at this time.
See also :
All MPlayer users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=media-video/mplayer-1.0_rc2_p28058-r1 '
Risk factor :
Critical / CVSS Base Score : 10.0
Family: Gentoo Local Security Checks
Nessus Plugin ID: 35355 (gentoo_GLSA-200901-07.nasl)
CVE ID: CVE-2008-3162CVE-2008-3827CVE-2008-5616
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.