Mplayer -- Vulnerability In STR Files Processor Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://secunia.com/advisories/30994 https://roundup.mplayerhq.hu/roundup/ffmpeg/issue311 http://www.vuxml.org/freebsd/5ccb1c14-e357-11dd-a765-0030843d3802.html

Insight

The following packages are affected: mplayer mplayer-esound mplayer-gtk mplayer-gtk-esound mplayer-gtk2 mplayer-gtk2-esound CVE-2008-3162 Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted STR file that interleaves audio and video sectors.

Severity

Classification

CVE CVE-2008-3162
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

FreeBSD Ports: chromium
FreeBSD Ports: cacti
FreeBSD Ports: cdf3
FreeBSD Ports: clamav
FreeBSD Ports: acroread

mplayer -- vulnerability in STR files processor

Take action and discover your vulnerabilities