FreeBSD : mplayer -- cddb stack overflow (3ac80dd2-14df-11dc-bcfc-0016179b2dd5)
High Nessus Plugin ID 25451
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionMplayer Team reports :
A stack overflow was found in the code used to handle cddb queries.
When copying the album title and category, no checking was performed on the size of the strings before storing them in a fixed-size array.
A malicious entry in the database could trigger a stack overflow in the program, leading to arbitrary code execution with the uid of the user running MPlayer.
SolutionUpdate the affected packages.