Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:18110
HistoryOct 04, 2007 - 12:00 a.m.

[ MDKSA-2007:192 ] - Updated mplayer packages fix vulnerability

2007-10-0400:00:00
vulners.com
14
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mandriva Linux Security Advisory MDKSA-2007:192
http://www.mandriva.com/security/

Package : mplayer
Date : October 1, 2007
Affected: 2007.0, 2007.1

Problem Description:

A heap-based buffer overflow was found in MPlayer's AVI handling
that could allow a remote attacker to cause a denial of service or
possibly execute arbitrary code via a crafted .avi file.

Updated packages have been patched to prevent this issue.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4938

Updated Packages:

Mandriva Linux 2007.0:
664764460655f8fa3ffe837fe1c753c4 2007.0/i586/libdha1.0-1.0-1.pre8.13.5mdv2007.0.i586.rpm
92e7649f53c13651062b76f33b093f16 2007.0/i586/mencoder-1.0-1.pre8.13.5mdv2007.0.i586.rpm
ea399734d197db1b88a8706ad9bf855a 2007.0/i586/mplayer-1.0-1.pre8.13.5mdv2007.0.i586.rpm
9d751d448cf399915dc11233f291bed5 2007.0/i586/mplayer-gui-1.0-1.pre8.13.5mdv2007.0.i586.rpm
c015287479e38ccf22e271b3e97cc3ac 2007.0/SRPMS/mplayer-1.0-1.pre8.13.5mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
a841c634484003178dbe3edcf04250fb 2007.0/x86_64/mencoder-1.0-1.pre8.13.5mdv2007.0.x86_64.rpm
0c59b24ecd8977087b546ad373b5c556 2007.0/x86_64/mplayer-1.0-1.pre8.13.5mdv2007.0.x86_64.rpm
8a9e6cd4f9b438470a08f770a6f3faca 2007.0/x86_64/mplayer-gui-1.0-1.pre8.13.5mdv2007.0.x86_64.rpm
c015287479e38ccf22e271b3e97cc3ac 2007.0/SRPMS/mplayer-1.0-1.pre8.13.5mdv2007.0.src.rpm

Mandriva Linux 2007.1:
1f9dba71ed8296072bbb29a276b24349 2007.1/i586/libdha1.0-1.0-1.rc1.11.3mdv2007.1.i586.rpm
b679aa7cfb01a9173539045c7ae06a42 2007.1/i586/mencoder-1.0-1.rc1.11.3mdv2007.1.i586.rpm
518690338f0b044e2e591f9cc49c3eab 2007.1/i586/mplayer-1.0-1.rc1.11.3mdv2007.1.i586.rpm
54a46f319a936e2e94c833385dc01b92 2007.1/i586/mplayer-doc-1.0-1.rc1.11.3mdv2007.1.i586.rpm
bd9470eb57ee6ced6a9e3358d8d47484 2007.1/i586/mplayer-gui-1.0-1.rc1.11.3mdv2007.1.i586.rpm
3e6887feff803bc3a3efe864842e0679 2007.1/SRPMS/mplayer-1.0-1.rc1.11.3mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
af0ee01741af03a7a75b6a5289dbca9d 2007.1/x86_64/mencoder-1.0-1.rc1.11.3mdv2007.1.x86_64.rpm
0e7e5f18937ebd4a050a683da5116e3e 2007.1/x86_64/mplayer-1.0-1.rc1.11.3mdv2007.1.x86_64.rpm
4eeb75257e99b553e90b2c767fce6903 2007.1/x86_64/mplayer-doc-1.0-1.rc1.11.3mdv2007.1.x86_64.rpm
2604e564242de95388b4e543624db4dc 2007.1/x86_64/mplayer-gui-1.0-1.rc1.11.3mdv2007.1.x86_64.rpm
3e6887feff803bc3a3efe864842e0679 2007.1/SRPMS/mplayer-1.0-1.rc1.11.3mdv2007.1.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFHAV4CmqjQ0CJFipgRAhrhAKC9bfRHlSG6+oVGztLTNtG5AfVqgACg21JC
obuu0r4eZMhQuLCVAh4l7Ms=
=WAef
-----END PGP SIGNATURE-----

Related

openvas 2
cve 2
ubuntucve 2
prion 2
securityvulns 1
debiancve 2
nessus 1
openvas
openvas
Mandriva Update for mplayer MDKSA-2007:192 (mplayer)
2009-04-09 00:00:00
Mandriva Update for mplayer MDKSA-2007:192 (mplayer)
2009-04-09 00:00:00
cve
cve
CVE-2007-4938
2007-09-18 19:17:00
CVE-2007-6718
2008-10-20 17:59:00
ubuntucve
ubuntucve
CVE-2007-4938
2007-09-18 00:00:00
CVE-2007-6718
2008-10-20 00:00:00
prion
prion
Heap overflow
2007-09-18 19:17:00
Design/Logic Flaw
2008-10-20 17:59:00
securityvulns
securityvulns
MPlayer buffer overflow
2007-10-04 00:00:00
debiancve
debiancve
CVE-2007-4938
2007-09-18 19:17:00
CVE-2007-6718
2008-10-20 17:59:00
nessus
nessus
Mandrake Linux Security Advisory : mplayer (MDKSA-2007:192)
2007-10-03 00:00:00
JSON
Related for SECURITYVULNS:DOC:18110
openvas2cve2ubuntucve2prion2securityvulns1debiancve2nessus1