Alias(es)MPlayer.RTSP.Line.Response.Buffer.Overflow.A, MPlayer.RTSP.Line.Response.Buffer.Overflow.B |
Release DateJun 15, 2005 |
Severitylow |
ImpactCompromise of the affected system. |
DescriptionThis indicates an attack attempt against a heap-based buffer-overflow vulnerability in Mplayer.Mplayer is a movie player software that supports a wide range of formats. Multiple vulnerabilities are reported in it that may allow an attacker to execute arbitrary code on the vulnerable system. This is due to the application's failure to properly check the bounds of streaming MMS/TCP data and RealMedia RTSP data. An attacker may send specially crafted streaming MMS/TCP data through a media server to cause a buffer overflow in MPlayer. A successful exploit could lead to arbitrary code execution. |
Affected ProductsMPlayer 1.0 pre6 and earlier versions |
Recommended ActionsUpgrade to Mplayer 1.0pre7 and later versions. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2005-1195 |
Reference/shttp://www.exploit-db.com/exploits/11027http://www.securityfocus.com/bid/13270 (BugTraq) http://www.mplayerhq.hu/homepage/design7/news.html#vuln10 |
