CVE-2007-1246
EPSS 9.3%xine-lib - several vulnerabilities
發布日:2007/3/3修改日:2026/4/28
描述
The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1387.
受影響套件(2)
- Debian/mplayerfrom 0, < 1.0~rc1-13
- Debian/xine-libfrom 0, < 1.0.1-1sarge7