Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote malicious users to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mplayer mplayer 1.02rc2 |
||
xine xine-lib 1.1.10 |