CVE-2006-6172

描述

Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real Media input plugin, as used in (1) xine/xine-lib, (2) MPlayer 1.0rc1 and earlier, and possibly others, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches.

受影響套件(2)

• Debian/mplayerfrom 0, < 1.0~rc1-11
• Debian/xine-libfrom 0, < 1.0.1-1sarge5

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-6172