Signature Detail

HTTP: MPlayer demux_open_vqf TwinVQ File Handling Buffer Overflow

This signature detects attempts to exploit a known buffer overflow vulnerability in MPlayer. It is due to a boundary error when processing TwinVQ files. A remote attacker can exploit this by persuading the target user to open a malicious TwinVQ file. In a successful attack, arbitrary code is supplied and executed on the target host. The behavior of the target system is dependent on the malicious code. Note that any code executed by the attacker runs with the privileges of the logged in user. In an unsuccessful attack, the application terminates abnormally while parsing the malicious TwinVQ file.

Extended Description

MPlayer is prone to a stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. This issue affects MPlayer 1.0rc2; other versions may also be affected.

Affected Products

• Debian Linux 4.0
• Debian Linux 4.0 Alpha
• Debian Linux 4.0 Amd64
• Debian Linux 4.0 Arm
• Debian Linux 4.0 Armel
• Debian Linux 4.0 Hppa
• Debian Linux 4.0 Ia-32
• Debian Linux 4.0 Ia-64
• Debian Linux 4.0 M68k
• Debian Linux 4.0 Mips
• Debian Linux 4.0 Mipsel
• Debian Linux 4.0 Powerpc
• Debian Linux 4.0 S/390
• Debian Linux 4.0 Sparc
• Gentoo Linux
• Mandriva Linux Mandrake 2008.0
• Mandriva Linux Mandrake 2008.0 X86 64
• Mandriva Linux Mandrake 2008.1
• Mandriva Linux Mandrake 2008.1 X86 64
• Mandriva Linux Mandrake 2009.0
• Mandriva Linux Mandrake 2009.0 X86 64
• MPlayer 1.0Rc2
• Pardus Linux 2007
• Pardus Linux 2008

References

• BugTraq: 32822
• CVE: CVE-2008-5616