CVE-2008-1558
EPSS 21.9%mplayer - arbitrary code execution
發布日:2008/3/31修改日:2026/4/28
也稱為:DEBIAN-CVE-2008-1558
描述
Uncontrolled array index in the sdpplin_parse function in stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers to overwrite memory and execute arbitrary code via a large streamid SDP parameter. NOTE: this issue has been referred to as an integer overflow.
受影響套件(3)
- Debian/mplayerfrom 0, < 1.0~rc2-10
- Debian/mplayerfrom 0, < 1.0~rc1-12etch3
- Debian/mplayerfrom 0, < 1.0~rc2-8+lenny1