Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

MPlayer < 0.92.0 ASX Header Parsing Buffer Overflow

High

Synopsis

The remote host is using a vulnerable version of MPlayer.

Description

The remote host is using a version of MPlayer which is vulnerable to a buffer overflow. If MPlayer connects to a rogue web server, the server may send a malicious reply which will be executed on this host. To exploit this vulnerability, an attacker would have to lure the user of this system to visit his website with MPlayer. The attacker then would need to have the web site send malformed replies to this host.

Solution

Upgrade to MPlayer 0.92.0 or higher.