FreeBSD : mplayer -- multiple integer overflows (724e6f93-8f2a-11dd-821f-001cc0377035)
High Nessus Plugin ID 34327
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionThe oCERT team reports :
The MPlayer multimedia player suffers from a vulnerability which could result in arbitrary code execution and at the least, in unexpected process termination. Three integer underflows located in the Real demuxer code can be used to exploit a heap overflow, a specific video file can be crafted in order to make the stream_read function reading or writing arbitrary amounts of memory.
SolutionUpdate the affected packages.