Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 20 Oct 2008 12:37:56 -0400 (EDT)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: oss-security <oss-security@...ts.openwall.com>
cc: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE request: crashers / potential security risks
 in mplayer


Note, some of this stuff is hard to sift through because of such a large
number of crashers.  We're taking a relatively conservative approach here.

The 2007 CVE number is for issues that were technically released in 2007.

- Steve

======================================================
Name: CVE-2007-6718
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6718
Reference: MLIST:[oss-security] 20081007 CVE request: crashers / potential security risks in mplayer
Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/07/1
Reference: MISC:http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities

MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of
service (SIGSEGV and application crash) via (1) a malformed MP3 file,
as demonstrated by lol-mplayer.mp3; (2) a malformed Ogg Vorbis file,
as demonstrated by lol-mplayer.ogg; (3) a malformed MPEG-1 file, as
demonstrated by lol-mplayer.mpg; (4) a malformed MPEG-2 file, as
demonstrated by lol-mplayer.m2v; (5) a malformed MPEG-4 AVI file, as
demonstrated by lol-mplayer.avi; (6) a malformed FLAC file, as
demonstrated by lol-mplayer.flac; (7) a malformed Ogg Theora file, as
demonstrated by lol-mplayer.ogm; (8) a malformed WMV file, as
demonstrated by lol-mplayer.wmv; or (9) a malformed AAC file, as
demonstrated by lol-mplayer.aac.  NOTE: vector 5 might overlap
CVE-2007-4938, and vector 6 might overlap CVE-2008-0486.


======================================================
Name: CVE-2008-4610
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4610
Reference: MLIST:[oss-security] 20081007 CVE request: crashers / potential security risks in mplayer
Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/07/1

MPlayer allows remote attackers to cause a denial of service
(application crash) via (1) a malformed AAC file, as demonstrated by
lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as demonstrated
by lol-ffplay.ogm, different vectors than CVE-2007-6718.


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.