MPlayer < 0.92.0 ASX Header Parsing Buffer Overflow
High Nessus Network Monitor Plugin ID 1768
SynopsisThe remote host is using a vulnerable version of MPlayer.
DescriptionThe remote host is using a version of MPlayer which is vulnerable to a buffer overflow. If MPlayer connects to a rogue web server, the server may send a malicious reply which will be executed on this host.
To exploit this vulnerability, an attacker would have to lure the user of this system to visit his website with MPlayer. The attacker then would need to have the web site send malformed replies to this host.
SolutionUpgrade to MPlayer 0.92.0 or higher.