Showing 1 - 4 of 4

CVE-2007-1387

Status Candidate

Overview

The DirectShow loader (loader/dshow/DS_VideoDecoder.c) in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1246.

Related Files

Debian Linux Security Advisory 1536-1: Posted Apr 2, 2008; Authored by Debian | Site debian.org; Debian Security Advisory 1536-1 - Several local vulnerabilities have been discovered in Xine, a media player library, allowed for a denial of service or arbitrary code execution, which could be exploited through viewing malicious content.; tags | advisory, denial of service, arbitrary, local, vulnerability, code execution; systems | linux, debian; advisories | CVE-2007-1246, CVE-2007-1387, CVE-2008-0073, CVE-2008-0486, CVE-2008-1161; SHA-256 | fab16d0e5e9613a38e131a5540e6b1deca18ee6d6d803c2faf22cc0f1e8ea324; Download | Favorite | View

Mandriva Linux Security Advisory 2007.062: Posted Mar 14, 2007; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory - The DS_VideoDecoder_Open function in DirectShow/DS_VideoDecoder.c in xine-lib does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code.; tags | advisory, remote, overflow, arbitrary; systems | linux, mandriva; advisories | CVE-2007-1387; SHA-256 | 1e8a5159b7b6dc0e60918f6aeec48b171e46c9c0258efc535f3006a7322f8b70; Download | Favorite | View

Mandriva Linux Security Advisory 2007.061: Posted Mar 14, 2007; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory - The DS_VideoDecoder_Open function in loader/dshow/DS_VideoDecoder.c in MPlayer 1.0rc1 and earlier does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code.; tags | advisory, remote, overflow, arbitrary; systems | linux, mandriva; advisories | CVE-2007-1387; SHA-256 | d4bfbc41eaadf6b63510af26525e0790c70f14f6c2cec2b97f949be8444a84e3; Download | Favorite | View

Ubuntu Security Notice 435-1: Posted Mar 14, 2007; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 435-1 - Moritz Jodeit discovered that the DirectShow loader of Xine did not correctly validate the size of an allocated buffer. By tricking a user into opening a specially crafted media file, an attacker could execute arbitrary code with the user's privileges.; tags | advisory, arbitrary; systems | linux, ubuntu; advisories | CVE-2007-1387; SHA-256 | 9d8bbefeb03f250ad5e440fa93720bd6f44dd1ba21a5563df2eabea84f83f2b5; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 229 files
indoushka 167 files
Jay Turla 150 files
Ubuntu 67 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,114)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,124)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (389)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,237)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,845)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,852)
UNIX (9,456)
UnixWare (188)
Windows (6,772)
Other

CVE-2007-1387

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems