Short Name |
HTTP:STC:DL:MPLAYER-DEMUXER |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
MPlayer Real Demuxer stream_read Heap Overflow |
Release Date |
2010/10/13 |
Update Number |
1791 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
There exists a heap overflow vulnerability in MPlayer. The flaw is due to insufficient input validation when processing Real Media files. A remote attacker may exploit this vulnerability by persuading the target user to open a malicious Real Media file. Successful attack could allow for arbitrary code injection and execution with privileges of the currently logged on user. In a successful attack, arbitrary code is supplied and executed on the vulnerable target host. The behaviour of the target system is dependent on the malicious code. Note that any code executed by the attacker runs with the privileges of the logged in user. In an attack where code execution fails, the vulnerable application will terminate abnormally while parsing the malicious RealMedia file.
MPlayer is prone to a remote heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input before copying it to an insufficiently sized buffer. Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. MPlayer 1.0 rc2 is vulnerable; prior versions are also affected.