Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 29 Apr 2016 09:38:28 +0200
From: Gustavo Grieco <>
Subject: CVE request: Mplayer/Mencoder integer overflow parsing gif files


A crash caused by an integer overflow parsing a gif was found in the last
revision of mplayer. It seems to affect older versions too. It was recently
fixed (r37857). Technical details and a reproducer are available here:

I verified that this issue affects mencoder, so you should check if you are
using it for conversion of gif files. This crash was found by QuickFuzz.


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ