CVE-2006-6172 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-6172
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-6172

Description: Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real Media input plugin, as used in (1) xine/xine-lib, (2) MPlayer 1.0rc1 and earlier, and possibly others, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-392-1 SUSE http://www.novell.com/linux/security/advisories/2006_28_sr.html SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.433842 SAID Secunia Advisory: SA23218 Secunia Advisory: SA23242 Secunia Advisory: SA23249 Secunia Advisory: SA23301 Secunia Advisory: SA23335 Secunia Advisory: SA23512 Secunia Advisory: SA23567 Secunia Advisory: SA24336 Secunia Advisory: SA24339 Secunia Advisory: SA25555 MISC http://www.mplayerhq.hu/MPlayer/patches/asmrules_fix_20061231.diff MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2007:112 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:224 GENTOO http://security.gentoo.org/glsa/glsa-200702-11.xml http://security.gentoo.org/glsa/glsa-200612-02.xml DEBIAN http://www.debian.org/security/2006/dsa-1244 CONFIRM http://sourceforge.net/project/shownotes.php?release_id=468432 http://www.mplayerhq.hu/design7/news.html#vuln14 BID 21435

Return to the previous page.