Secunia
Login
|
|
CVE Reference: CVE-2004-1311 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2004-1311 |
|
|
Description: Integer overflow in the real_setup_and_get_header function in real.c for Unix MPlayer 1.0pre5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a Real RTSP streaming media file with a -1 content-length field, which leads to a heap-based buffer overflow. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/18525 MANDRAKE http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:157 IDEFENSE http://www.idefense.com/application/poi/display?id=166 CONFIRM http://www1.mplayerhq.hu/MPlayer/patches/rtsp_fix_20041215.diff http://www1.mplayerhq.hu/MPlayer/releases/ChangeLog |
|
| Return to the previous page. |
