2
Candidate: CVE-2007-1246
4
https://usn.ubuntu.com/usn/usn-433-1
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1246
7
The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in
8
MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize
9
before use in a memcpy, which allows user-assisted remote attackers to
10
cause a buffer overflow and possibly execute arbitrary code, a different
11
vulnerability than CVE-2007-1387.
15
https://bugs.launchpad.net/ubuntu/+source/mplayer/+bug/92968
17
dapper_xine-lib: released (1.1.1+ubuntu2-7.7)
18
edgy_xine-lib: released (1.1.2+repacked1-0ubuntu3.4)
19
feisty_xine-lib: released (1.1.4-2ubuntu3)
20
gutsy_xine-lib: released (1.1.4-2ubuntu3)
21
devel_xine-lib: released (1.1.4-2ubuntu3)
22
upstream_mplayer: released
23
dapper_mplayer: released (2:0.99+1.0pre7try2+cvs20060117-0ubuntu8.1)
24
edgy_mplayer: released (2:0.99+1.0pre8-0ubuntu8.2)
25
feisty_mplayer: released (2:1.0~rc1-0ubuntu4)
26
gutsy_mplayer: not-affected
27
devel_mplayer: not-affected