- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 30578
- Проверка EDB
-
- Пройдено
- Автор
- CODE AUDIT LABS
- Тип уязвимости
- DOS
- Платформа
- LINUX
- CVE
- cve-2007-4938
- Дата публикации
- 2007-09-12
Код:
source: https://www.securityfocus.com/bid/25648/info
MPlayer is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input data.
Attackers can exploit this issue to execute arbitrary code with the privileges of the user running the application. Failed attacks will result in denial-of-service conditions.
MPlayer 1.0rc1 is vulnerable; other versions may also be affected.
NOTE: The vendor states that this issue is present only on operating systems with a 'calloc' implementation that is prone to an integer-overflow issue.
The following proof-of-concept AVI header data is available:
69 6E 64 78 00 FF FF FF 01 11 64 73 20 00 00 10
indx truck size 0xffffff00
wLongsPerEntry 0x0001
BIndexSubType is 0x64
bIndexType is 0x73
nEntriesInuse is 0x10000020- Источник
- www.exploit-db.com
