heap overflow

Mplayer remote and local vulnerability + security fix

The well-known video player Mplayer is vulnerable to a heap overflow when playing ASF files locally or from remote (streaming). The potential risks:

High (arbitrary remote code execution under the user ID running the player) when streaming an ASF file from a malicious server, medium (local code execution under the user ID running the player) if you play a malicious ASF file locally. At the time the buffer overflow was fixed there was no known exploit.

Users of the older MPlayer 1.0pre7try2 should apply this patch in order to fix the security issue. CVS users should update to the most recent revision.

I tried to do the latter, but I stumbled over several problems. First, I noticed and filed a bug (I think) in Debian's libavcodec-dev package which prevented a successful compile. After a few more problems I gave up and stayed with 1.0pre7try2 by applying the above-mentioned patch. I'll wait a few more days until the MPlayer developers fix the build issues in CVS...

There's no known exploit in the wild yet, but I bet it won't take too long until one appears. So better fix your Mplayer!

Syndicate content