*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Jamie Strandboge (jdstrand):
Binary package hint: mplayer The developers of the free MPlayer media player have fixed a buffer overflow which can be triggered using specially crafted TwinVQ files. The flaw is contained in the demux_open_vqf() function in libmpdemux/demux_vqf.c. Its discoverer Tobias Klein says this can potentially be used to inject and execute arbitrary code. According to the advisory, the problem affects all of the MPlayer versions before 1.0rc2 r28150 (or before r28149 in the repository). See the following link for more details: http://www.heise-online.co.uk/security/Buffer-overflow-in-MPlayer-media- player--/news/112256 ** Affects: mplayer (Ubuntu) Importance: Undecided Status: New -- mplayer buffer overflow which can be triggered using specially crafted TwinVQ files https://bugs.launchpad.net/bugs/308939 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
