Intrusion Prevention

MPlayer.Demux.Vqf.Buffer.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in MPlayer.
The vulnerability is caused by an error when the vulnerable software handles a malicious .vqf file. It allows a remote attacker to execute arbitrary code via sending a crafted .vqf file.

Affected Products

MPlayer 1.0 rc2 before r28150

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to the svn 28150 rev, available from the web site.
http://svn.mplayerhq.hu/mplayer/branches/1.0rc2/libmpdemux/demux_vqf.c?r1=24723&r2=28150&pathrev=28150

CVE References

CVE-2008-5616