Short Name |
HTTP:STC:DL:MPLAYER-TWINVQ-BO |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
MPlayer demux_open_vqf TwinVQ File Handling Buffer Overflow |
Release Date |
2010/10/20 |
Update Number |
1795 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known buffer overflow vulnerability in MPlayer. It is due to a boundary error when processing TwinVQ files. A remote attacker can exploit this by persuading the target user to open a malicious TwinVQ file. In a successful attack, arbitrary code is supplied and executed on the target host. The behavior of the target system is dependent on the malicious code. Note that any code executed by the attacker runs with the privileges of the logged in user. In an unsuccessful attack, the application terminates abnormally while parsing the malicious TwinVQ file.
MPlayer is prone to a stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. This issue affects MPlayer 1.0rc2; other versions may also be affected.