CVE-2007-2948: Stack overflow in mplayer cddb handling
Bug #118855 reported by
William Grant
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mplayer (Ubuntu) |
Fix Released
|
High
|
William Grant | ||
Dapper |
Fix Released
|
Undecided
|
William Grant | ||
Edgy |
Fix Released
|
Undecided
|
William Grant | ||
Feisty |
Fix Released
|
High
|
William Grant | ||
Gutsy |
Fix Released
|
High
|
William Grant |
Bug Description
Binary package hint: mplayer
Only appears to affect 1.0rc1 (ie. Feisty). Arbitrary code execution is possible, with a malicious entry on the server. There is an upstream patch, and I'll have a debdiff for Feisty shortly.
CVE References
Changed in mplayer: | |
assignee: | nobody → fujitsu |
importance: | Undecided → High |
status: | Unconfirmed → In Progress |
Changed in mplayer: | |
importance: | Undecided → High |
assignee: | nobody → fujitsu |
status: | Unconfirmed → In Progress |
Changed in mplayer: | |
assignee: | fujitsu → nobody |
importance: | High → Undecided |
status: | In Progress → Confirmed |
assignee: | nobody → fujitsu |
Changed in mplayer: | |
importance: | Undecided → High |
status: | Confirmed → In Progress |
Changed in mplayer: | |
assignee: | nobody → fujitsu |
status: | New → In Progress |
assignee: | nobody → fujitsu |
status: | New → In Progress |
Changed in mplayer: | |
status: | In Progress → Triaged |
status: | In Progress → Triaged |
Changed in mplayer: | |
status: | Triaged → In Progress |
Changed in mplayer: | |
status: | Triaged → In Progress |
Changed in mplayer: | |
status: | In Progress → Fix Committed |
status: | In Progress → Fix Committed |
Changed in mplayer: | |
status: | Fix Committed → Fix Released |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Gutsy fix was upload a few days back, but changelog- closes- bugs didn't work.