Mandrake Linux Security Advisory : mplayer (MDKSA-2006:048)
High Nessus Plugin ID 21002
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionMultiple integer overflows in (1) the new_demux_packet function in demuxer.h and (2) the demux_asf_read_packet function in demux_asf.c in MPlayer 1.0pre7try2 and earlier allow remote attackers to execute arbitrary code via an ASF file with a large packet length value.
The updated packages have been patched to prevent this problem.
SolutionUpdate the affected packages.