-
Committer:
Bazaar Package Importer
-
Author(s):
Stefan Lesicnik
-
Date:
2008-10-08 07:51:18 UTC
-
Revision ID:
james.westby@ubuntu.com-20081008075118-wtpumk9n19zivlva
Tags: 2:1.0~rc2-0ubuntu13.1
* SECURITY UPDATE: Multiple integer underflows in MPlayer 1.0_rc2 and
earlier allow remote attackers to cause a denial of service
(process termination) and possibly execute arbitrary code via a
crafted video file that causes the stream_read function to read or
write arbitrary memory. (LP: #279030)
- libmpdemux/demux_real.c - patch from oCert.
- References:
+ CVE-2008-3827
+ http://www.ocert.org/advisories/ocert-2008-013.html