Felipe Andres Manzano discovered that mplayer, a multimedia player, is vulnerable to several integer overflows in the Real video stream demuxing code. These flaws could allow an attacker to cause a denial of service (a crash) or potentially execution of arbitrary code by supplying a maliciously crafted video file. For the stable distribution (etch), these problems have been fixed in version 1.0~rc1-12etch5. For the unstable distribution (sid), these problems have been fixed in version 1.0~rc2-18. We recommend that you upgrade your mplayer packages.
Felipe Andres Manzano discovered that mplayer, a multimedia player, is vulnerable to several integer overflows in the Real video stream demuxing code. These flaws could allow an attacker to cause a denial of service (a crash) or potentially execution of arbitrary code by supplying a maliciously crafted video file.
For the stable distribution (etch), these problems have been fixed in version 1.0~rc1-12etch5.
For the unstable distribution (sid), these problems have been fixed in version 1.0~rc2-18.
We recommend that you upgrade your mplayer packages.
MD5 checksums of the listed files are available in the original advisory.