CVE-2008-0486

描述

Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow.

受影響套件(1)

• Debian/mplayerfrom 0, < 1.0~rc2-8

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-0486