HTTP: MPlayer Real Demuxer stream_read Heap Overflow

MPlayer contains a heap overflow vulnerability. The flaw is due to insufficient input validation when processing Real Media files. A remote attacker may exploit this vulnerability by persuading the target user to open a malicious Real Media file. A successful attack could allow arbitrary code injection and execution with the privileges of the currently logged-on user; the behaviour of the target system then depends on the malicious code. In an attack where code execution fails, the vulnerable application will terminate abnormally while parsing the malicious Real Media file.

Extended Description

MPlayer is prone to a remote heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input before copying it to an insufficiently sized buffer. Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. MPlayer 1.0 rc2 is vulnerable; prior versions are also affected.

Affected Products

Webmin webmin

References

BugTraq: 31473

CVE: CVE-2008-3827

Short Name: HTTP:STC:DL:MPLAYER-DEMUXER
Severity: Major
Recommended: False
Recommended Action: Drop
Category: HTTP
Keywords: CVE-2008-3827 Demuxer Heap MPlayer Overflow Real bid:31473 stream_read
Release Date: 10/13/2010
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3375
False Positive: Unknown
Vendors

Mandriva

Webmin

Mplayer

Gentoo

Pardus

CVSS Score: 9.3
