Mandriva Linux Security Advisory : mplayer (MDVSA-2008:196)
Critical Nessus Plugin ID 36349
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUncontrolled array index in the sdpplin_parse function in stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers to overwrite memory and execute arbitrary code via a large streamid SDP parameter.
The updated packages have been patched to fix this issue.
SolutionUpdate the affected packages.